Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details

Overview

General Information

Sample URL:https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details
Analysis ID:1500938
Infos:

Detection

Score:1
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

HTML body contains low number of good links
HTML title does not match URL

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 3980 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4412 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2208,i,972951138316772105,17389294996650650195,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6436 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3DHTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3DHTTP Parser: Title: Redirecting does not match URL
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3DHTTP Parser: No favicon
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3DHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3DHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /app/itdesk/ui/requests/867000003351579/details HTTP/1.1Host: australianfoodandfibre.servicedeskplus.net.auConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /Login.jsp?serviceurl=%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails HTTP/1.1Host: australianfoodandfibre.servicedeskplus.net.auConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: zalb_d63ded2016=771e32d61209a8f8d2cb5ace3045233c; sdpcscook=57798b93-f060-4609-b778-23fedd8ad93b; _zcsr_tmp=57798b93-f060-4609-b778-23fedd8ad93b
Source: global trafficHTTP traffic detected: GET /samlauthrequest/aff-limited.com.au?serviceurl=https%3A%2F%2Faustralianfoodandfibre.servicedeskplus.net.au%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails&servicename=SDPOnDemand&portal_id=7001242490&hide_signup=false HTTP/1.1Host: accounts.zoho.com.auConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/winauth/ssoprobe?client-request-id=de01a722-6f49-4599-ab7d-ff51aec23674&_=1724906554053 HTTP/1.1Host: autologon.microsoftazuread-sso.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=637640617494988131 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=637640617494988131 HTTP/1.1Host: aadcdn.msauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: australianfoodandfibre.servicedeskplus.net.au
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: accounts.zoho.com.au
Source: global trafficDNS traffic detected: DNS query: login.microsoftonline.com
Source: global trafficDNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global trafficDNS traffic detected: DNS query: aadcdn.msauthimages.net
Source: global trafficDNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
Source: chromecache_62.2.drString found in binary or memory: https://login.microsoftonline.com
Source: chromecache_62.2.drString found in binary or memory: https://login.windows-ppe.net
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49740 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: classification engineClassification label: clean1.win@17/46@23/8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2208,i,972951138316772105,17389294996650650195,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2208,i,972951138316772105,17389294996650650195,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection		1
Process Injection		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://login.microsoftonline.com0%URL Reputationsafe
https://australianfoodandfibre.servicedeskplus.net.au/Login.jsp?serviceurl=%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails0%Avira URL Cloudsafe
https://autologon.microsoftazuread-sso.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/winauth/ssoprobe?client-request-id=de01a722-6f49-4599-ab7d-ff51aec23674&_=17249065540530%Avira URL Cloudsafe
https://aadcdn.msauthimages.net/81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=6376406174949881310%Avira URL Cloudsafe
https://accounts.zoho.com.au/samlauthrequest/aff-limited.com.au?serviceurl=https%3A%2F%2Faustralianfoodandfibre.servicedeskplus.net.au%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails&servicename=SDPOnDemand&portal_id=7001242490&hide_signup=false0%Avira URL Cloudsafe
https://login.windows-ppe.net0%Avira URL Cloudsafe
https://login.windows-ppe.net2%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.214.172
truefalse
    		unknown
    zs-au1-lc1-h2.servicedeskplus.net.au
    		103.138.128.66
    		truefalse
      		unknown
      sni1gl.wpc.upsiloncdn.net
      		152.199.21.175
      		truefalse
        		unknown
        sni1gl.wpc.omegacdn.net
        		152.199.21.175
        		truefalse
          		unknown
          www.google.com
          		142.250.186.164
          		truefalse
            		unknown
            s-part-0045.t-0009.t-msedge.net
            		13.107.246.73
            		truefalse
              		unknown
              zs-au1-lc1-h2.zoho.com.au
              		103.138.128.66
              		truefalse
                		unknown
                s-part-0032.t-0009.t-msedge.net
                		13.107.246.60
                		truefalse
                  		unknown
                  fp2e7a.wpc.phicdn.net
                  		192.229.221.95
                  		truefalse
                    		unknown
                    autologon.microsoftazuread-sso.com
                    		40.126.28.18
                    		truefalse
                      		unknown
                      aadcdn.msauthimages.net
                      		unknown
                      		unknownfalse
                        		unknown
                        identity.nel.measure.office.net
                        		unknown
                        		unknownfalse
                          		unknown
                          aadcdn.msftauth.net
                          		unknown
                          		unknownfalse
                            		unknown
                            accounts.zoho.com.au
                            		unknown
                            		unknownfalse
                              		unknown
                              login.microsoftonline.com
                              		unknown
                              		unknownfalse
                                		unknown
                                australianfoodandfibre.servicedeskplus.net.au
                                		unknown
                                		unknownfalse
                                  		unknown

                                  Contacted URLs

                                  NameMaliciousAntivirus DetectionReputation
                                  https://australianfoodandfibre.servicedeskplus.net.au/Login.jsp?serviceurl=%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetailsfalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://accounts.zoho.com.au/samlauthrequest/aff-limited.com.au?serviceurl=https%3A%2F%2Faustralianfoodandfibre.servicedeskplus.net.au%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails&servicename=SDPOnDemand&portal_id=7001242490&hide_signup=falsefalse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://aadcdn.msauthimages.net/81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=637640617494988131false
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/detailsfalse
                                    		unknown
                                    https://autologon.microsoftazuread-sso.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/winauth/ssoprobe?client-request-id=de01a722-6f49-4599-ab7d-ff51aec23674&_=1724906554053false
                                    • Avira URL Cloud: safe
                                    		unknown

                                    URLs from Memory and Binaries

                                    NameSourceMaliciousAntivirus DetectionReputation
                                    https://login.microsoftonline.comchromecache_62.2.drfalse
                                    • URL Reputation: safe
                                    		unknown
                                    https://login.windows-ppe.netchromecache_62.2.drfalse
                                    • 2%, Virustotal, Browse
                                    • Avira URL Cloud: safe
                                    		unknown

                                    World Map of Contacted IPs

                                    • No. of IPs < 25%
                                    • 25% < No. of IPs < 50%
                                    • 50% < No. of IPs < 75%
                                    • 75% < No. of IPs

                                    Public IPs

                                    IPDomainCountryFlagASNASN NameMalicious
                                    103.138.128.66
                                    		zs-au1-lc1-h2.servicedeskplus.net.auAustralia
                                    		139006ZCPL-AS-APZohoCorporationPTYLTDAUfalse
                                    13.107.246.73
                                    		s-part-0045.t-0009.t-msedge.netUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    40.126.28.18
                                    		autologon.microsoftazuread-sso.comUnited States
                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    13.107.246.60
                                    		s-part-0032.t-0009.t-msedge.netUnited States
                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                    239.255.255.250
                                    		unknownReserved
                                    		unknownunknownfalse
                                    142.250.186.164
                                    		www.google.comUnited States
                                    		15169GOOGLEUSfalse
                                    152.199.21.175
                                    		sni1gl.wpc.upsiloncdn.netUnited States
                                    		15133EDGECASTUSfalse

                                    Private

                                    IP
                                    192.168.2.4

                                    General Information

                                    Joe Sandbox version:40.0.0 Tourmaline
                                    Analysis ID:1500938
                                    Start date and time:2024-08-29 06:41:23 +02:00
                                    Joe Sandbox product:CloudBasic
                                    Overall analysis duration:0h 3m 8s
                                    Hypervisor based Inspection enabled:false
                                    Report type:full
                                    Cookbook file name:browseurl.jbs
                                    Sample URL:https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details
                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                    Number of analysed new started processes analysed:8
                                    Number of new started drivers analysed:0
                                    Number of existing processes analysed:0
                                    Number of existing drivers analysed:0
                                    Number of injected processes analysed:0
                                    Technologies:
                                    • HCA enabled
                                    • EGA enabled
                                    • AMSI enabled
                                    Analysis Mode:default
                                    Analysis stop reason:Timeout
                                    Detection:CLEAN
                                    Classification:clean1.win@17/46@23/8
                                    EGA Information:Failed
                                    HCA Information:
                                    • Successful, ratio: 100%
                                    • Number of executed functions: 0
                                    • Number of non-executed functions: 0

                                    Warnings

                                    • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                    • Excluded IPs from analysis (whitelisted): 142.250.185.227, 216.58.206.78, 66.102.1.84, 34.104.35.123, 20.190.159.71, 20.190.159.64, 40.126.31.71, 40.126.31.67, 20.190.159.23, 20.190.159.2, 20.190.159.68, 40.126.31.69, 2.19.126.199, 2.19.126.215, 20.190.160.20, 40.126.32.134, 40.126.32.140, 40.126.32.74, 40.126.32.68, 20.190.160.22, 40.126.32.133, 40.126.32.138, 13.85.23.86, 199.232.214.172, 142.250.185.234, 142.250.186.74, 142.250.185.106, 142.250.186.170, 142.250.185.202, 142.250.185.74, 142.250.184.234, 216.58.206.74, 142.250.186.106, 172.217.18.10, 142.250.185.170, 172.217.16.138, 142.250.181.234, 172.217.16.202, 142.250.186.42, 142.250.185.138, 40.126.32.136, 20.190.160.17, 40.126.32.76, 192.229.221.95, 20.166.126.56, 13.89.179.8, 13.89.179.9, 142.250.186.163, 40.68.123.157
                                    • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, clientservices.googleapis.com, browser.events.data.trafficmanager.net, ak.privatelink.msidentity.com, a1894.dscb.akamai.net, onedscolprdcus09.centralus.cloudapp.azure.com, clients2.google.com, ocsp.digicert.com, login.live.com, aadcdn.azureedge.net, aadcdn.ec.azureedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, login.mso.msidentity.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, www.tm.ak.prd.aadg.trafficmanager.net, prdv4a.aadg.msidentity.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, aadcdnoriginwus2.azureedge.net, ctldl.windowsupdate.com.delivery.microsoft.com, www.tm.v4.a.prd.aadg.akadns.net, www.tm.ak.prd.aadg.akadns.net, ctldl.windowsupdate.com, aadcdn.msauth.net, firstparty-azurefd-prod.trafficmanager.net, login.msa.msidentity.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, br
                                    • Not all processes where analyzed, report is missing behavior information
                                    • Report size getting too big, too many NtSetInformationFile calls found.

                                    Simulations

                                    Behavior and APIs

                                    No simulations

                                    LLM Input / Output

                                    InputOutput
                                    URL: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8 Model: jbxai
                                    {
"brand":["Microsoft"],
"contains_trigger_text":false,
"prominent_button_name":"Next",
"text_input_field_labels":["Sign-in options",
"Terms of use",
"Privacy & cookies"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

                                    Joe Sandbox View / Context

                                    IPs

                                    No context

                                    Domains

                                    No context

                                    ASNs

                                    No context

                                    JA3 Fingerprints

                                    No context

                                    Dropped Files

                                    No context

                                    Created / dropped Files

                                    Chrome Cache Entry: 60

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
                                    Category:downloaded
                                    Size (bytes):61052
                                    Entropy (8bit):7.996159932827634
                                    Encrypted:true
                                    SSDEEP:1536:HQaq1Q7XOos5ZBIp+1Zr52IGmCJijm1qAxTe9wzf:fq1HoUBIpU5TG7JSmwuTe+b
                                    MD5:C1E82BF71ADD622AD0F3BF8572F634FC
                                    SHA1:6CA863D4CAB96669202548D301693B3F5F80B0D5
                                    SHA-256:BA48AF15D297DB450DC4870242482145ADDB2D18375A4871C490429E2DC5464A
                                    SHA-512:820A7F8A0C8EA33A8FE1E90CDC35F45DC1E143E836B0D8EA047E1E312F8CAEC72CDEE4E7DB54760A4D749CD0ACFE103A27E39A9A56EB2D704E448A67B0D0C079
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
                                    Preview:...........iw.F.0.....'W...4)/qH#..D.L.EK...................().}.{..@.z........Qz.,..Ox.....i4..S.&.p......9..W....);a.].a....Y......Y<,.n..."`Is....5....P..|.-..x1.F...@...yRlG.O..5.Q.|.gy.c.^....r.EC.....xd.oL..$./..|3.......r^.j.}...M... )x.D.....%.....B..t....vZ....2L......px.G.1.*.lZYh...$.....,.../.a..;Q...._..#.....e.T.:trA_.0.:.f...........(I.x?.S...<7...o..0.`r.x.+.2..o+...4/..vzY7.C'.....!.r..4n....]P.+a..........._.8,..G>...{.4B....o.9.....r......X3..U.....'.0.@...lrX....r.W\e...].}....(.l......=........3....S..........^=D..[.zw6..e...<WQ.w.(.X..S....>.^.....^B..O-.(..U.R;h..v.......4.Dc .?..z....r.._.Y......M.a.?,...?..U.....OF.w\h$.Q..5....Q.Oj ....5U..8..Y......gYZM....y..OrY.z]B..y..;o.....oT.r...H..{K...Y&Q.......*..W....N4.......].0m..m........E.bc..~..e.. .nzS.i3^......).,Y}.=1H...... V...g.)....X..G...C....@o,.i.~...as...ehEH....u9l.2...y\J.?.(.I.q%..F#..D../>pr$...,...m.6..:,<s..~S.fl;k.'<..}z.Y.

                                    Chrome Cache Entry: 61

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 141866
                                    Category:dropped
                                    Size (bytes):49804
                                    Entropy (8bit):7.994672288751266
                                    Encrypted:true
                                    SSDEEP:1536:SMuttwJ0uUmAcZjNL6nnQlL+mwKLiQC7Mn3dxPErr:SwJ0vmAcKnnQF+8LJOMn3DPE/
                                    MD5:6DE768A4DF1E0D0061CDB52EF06346C4
                                    SHA1:3829A667B97668008023DDA98F4C0772174C8EF6
                                    SHA-256:58732EEE2ED9091F4F5776DC8A8A14116CBE5A2BA1CCDA0256896BAB08A52128
                                    SHA-512:CC6966D2C2B43E762750102E734DA6B88D7BFB92DDB5D482EE25029337D95E997466E83001586F2B63DAEE890B5F3188E8EC0F1B084D5EB67CFEA55EDDFAD47D
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........m[.8.0........OL....;w..nf.0.ff.X.'V......4.r~........=........,..JU.......T~.l..?..E.....X..|t~P9...TN..G..?^.~.............Xx.0..Q..Fa4.#7.q...F.;......4...Q.W&~.@....O.*T.y.37J.+Ggf...P....Pz.N...>..a.D..<.m./A,*...Q.....WN.Q...8.Db$.G.H<...'....J,..8..{nG.2@HYkL../......=.pL....A?.&Ng.i,......2lo...$.<.3...?~pW..=...L..&x.QR.u3..#6q2....U.Y1..".M. .<W."7@......w..."H,@......0..P....p:...[...E].A..%..V.K\.......F.ir.}.Lc{s..O.g..(|.........9o..A.t.K....Wv.l6..T.......t.........+..........-w {l..g...V..\=W.j.oaT}t.J`E..$W......;.k.\.t.w~}".....jf..W..."..a..0y........@.T.1.G0.......*.Y_....../..........@.....*]+.*..*.q\.cR.....t.3S-5g....'U.j.d......y.n,:).|.?.FW...d...|.......*.`.3....kMKf...#..,DM.TY+..g.........e+.>...{y..N/..g-#FV.V.p.......Xs.(..{..}..-.O..H=."...........8M.g..!H..0.~.Tdf.;...$D%N .)..!..V...'r\.... ...&....J|."Nd%D:uw:.<W.+...H&.Z...L=..U.v....J.t.0%+...U..3M....y...L..G...p='.....pB"-..|.....j .a".i=O.R Q2..."...

                                    Chrome Cache Entry: 62

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:HTML document, ASCII text, with very long lines (3450), with CRLF line terminators
                                    Category:downloaded
                                    Size (bytes):3452
                                    Entropy (8bit):5.117912766689607
                                    Encrypted:false
                                    SSDEEP:96:3qO9I9Sz9KHULI5m4UidBGLosqAsosushswsosry:a2IYz95qTdBac
                                    MD5:CB06E9A552B197D5C0EA600B431A3407
                                    SHA1:04E167433F2F1038C78F387F8A166BB6542C2008
                                    SHA-256:1F4EDBD2416E15BD82E61BA1A8E5558D44C4E914536B1B07712181BF57934021
                                    SHA-512:1B4A3919E442EE4D2F30AE29B1C70DF7274E5428BCB6B3EDD84DCB92D60A0D6BDD9FA6D9DDE8EAB341FF4C12DE00A50858BF1FC5B6135B71E9E177F5A9ED34B9
                                    Malicious:false
                                    Reputation:low
                                    URL:https://login.live.com/Me.htm?v=3
                                    Preview:<script type="text/javascript">!function(t,e){for(var s in e)t[s]=e[s]}(this,function(t){function e(n){if(s[n])return s[n].exports;var i=s[n]={exports:{},id:n,loaded:!1};return t[n].call(i.exports,i,i.exports,e),i.loaded=!0,i.exports}var s={};return e.m=t,e.c=s,e.p="",e(0)}([function(t,e){function s(t){for(var e=f[S],s=0,n=e.length;s<n;++s)if(e[s]===t)return!0;return!1}function n(t){if(!t)return null;for(var e=t+"=",s=document.cookie.split(";"),n=0,i=s.length;n<i;n++){var a=s[n].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===a.indexOf(e))return a.substring(e.length)}return null}function i(t,e,s){if(t)for(var n=t.split(":"),i=null,a=0,r=n.length;a<r;++a){var c=null,S=n[a].split("$");if(0===a&&(i=parseInt(S.shift()),!i))return;var l=S.length;if(l>=1){var p=o(i,S[0]);if(!p||s[p])continue;c={signInName:p,idp:"msa",isSignedIn:!0}}if(l>=3&&(c.firstName=o(i,S[1]),c.lastName=o(i,S[2])),l>=4){var f=S[3],d=f.split("|");c.otherHashedAliases=d}if(l>=5){var h=parseInt(S[4],16);h&&(c.

                                    Chrome Cache Entry: 63

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152
                                    Category:dropped
                                    Size (bytes):61052
                                    Entropy (8bit):7.996159932827634
                                    Encrypted:true
                                    SSDEEP:1536:HQaq1Q7XOos5ZBIp+1Zr52IGmCJijm1qAxTe9wzf:fq1HoUBIpU5TG7JSmwuTe+b
                                    MD5:C1E82BF71ADD622AD0F3BF8572F634FC
                                    SHA1:6CA863D4CAB96669202548D301693B3F5F80B0D5
                                    SHA-256:BA48AF15D297DB450DC4870242482145ADDB2D18375A4871C490429E2DC5464A
                                    SHA-512:820A7F8A0C8EA33A8FE1E90CDC35F45DC1E143E836B0D8EA047E1E312F8CAEC72CDEE4E7DB54760A4D749CD0ACFE103A27E39A9A56EB2D704E448A67B0D0C079
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........iw.F.0.....'W...4)/qH#..D.L.EK...................().}.{..@.z........Qz.,..Ox.....i4..S.&.p......9..W....);a.].a....Y......Y<,.n..."`Is....5....P..|.-..x1.F...@...yRlG.O..5.Q.|.gy.c.^....r.EC.....xd.oL..$./..|3.......r^.j.}...M... )x.D.....%.....B..t....vZ....2L......px.G.1.*.lZYh...$.....,.../.a..;Q...._..#.....e.T.:trA_.0.:.f...........(I.x?.S...<7...o..0.`r.x.+.2..o+...4/..vzY7.C'.....!.r..4n....]P.+a..........._.8,..G>...{.4B....o.9.....r......X3..U.....'.0.@...lrX....r.W\e...].}....(.l......=........3....S..........^=D..[.zw6..e...<WQ.w.(.X..S....>.^.....^B..O-.(..U.R;h..v.......4.Dc .?..z....r.._.Y......M.a.?,...?..U.....OF.w\h$.Q..5....Q.Oj ....5U..8..Y......gYZM....y..OrY.z]B..y..;o.....oT.r...H..{K...Y&Q.......*..W....N4.......].0m..m........E.bc..~..e.. .nzS.i3^......).,Y}.=1H...... V...g.)....X..G...C....@o,.i.~...as...ehEH....u9l.2...y\J.?.(.I.q%..F#..D../>pr$...,...m.6..:,<s..~S.fl;k.'<..}z.Y.

                                    Chrome Cache Entry: 64

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                    Category:downloaded
                                    Size (bytes):1435
                                    Entropy (8bit):7.8613342322590265
                                    Encrypted:false
                                    SSDEEP:24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
                                    MD5:9F368BC4580FED907775F31C6B26D6CF
                                    SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                    SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                    SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                    Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                    Chrome Cache Entry: 65

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1017x678, components 3
                                    Category:dropped
                                    Size (bytes):141233
                                    Entropy (8bit):7.981206634239356
                                    Encrypted:false
                                    SSDEEP:3072:04GtHvtT97Zu/s1Ve8Spy586UTukvTmMOuNLiGG:0RpS0VeBy58LIft
                                    MD5:8412A6F74B196981D3BEE266B17BC756
                                    SHA1:90158D3FBAF87AB9D71D1A854DD1AFF6FB5CE8BA
                                    SHA-256:03EE2BCE70C9BE4D5E3A9B01DED41F4518F9C1050A2552DCD2F3225644937ECC
                                    SHA-512:E6ABEE27870E8A7E9D0F7E4A84AF3A67B6656AF055B16B16CA1AA7C0338888C548FF064D126E532ACEE1DD6BAC62730C40AA177FBDF1576E9719F0C40E893698
                                    Malicious:false
                                    Reputation:low
                                    Preview:......JFIF.....H.H.....C...........................#.%$"."!&+7/&)4)!"0A149;>>>%.DIC<H7=>;...C...........;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;..........."....................................................................................|.'....:...NQwI.a..z>..I...d.:.N...f.S'zf..N...d.:.N...h._\.+jTu....A..vdiY....V*..)x..p..;3k.....Y....Bl.|.Z._1...`...:..2L..Y.u1.O.....4.`........GY...*.A....(D....|...j.[9.$T...;..4[..c(..%..P_.....&.Tv.>.i..U..=.......Y...:FN........d.:.N...d.:.N...d.:.N..*N....n.U....{R.6...&.l..9....Nj.7*.:.&.-...Y..L..+y.r.J...MZi...65..lk.....6....8LccP.l..].....1.T...5.J.WJ/...."...x..[......,nPI .$..X.F.@...].R....).2uL.S'T..2uL.S'T..2uL.S'T..2uL.S:T.R..d.:.N...N.S:.N.;).''...S.e..I*N.6Bvgt.F\.1C...R....0...B.Q.x.kQ...r.J+......r..q.TJmU9N.A.)RN..z<..2.I(.e8.;.g\<.z.U8.`.gWX4.t..0....=kS.y...s.u..TT.EI....:.N...d.:.N...d.:.N....uL.S'T..L.S'T..2uL.S:B.*.u..K:zV1..M...p.>...JI....UB-.yT..)KSe.5.Z!U..7SP

                                    Chrome Cache Entry: 66

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                    Category:dropped
                                    Size (bytes):1435
                                    Entropy (8bit):7.8613342322590265
                                    Encrypted:false
                                    SSDEEP:24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
                                    MD5:9F368BC4580FED907775F31C6B26D6CF
                                    SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                    SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                    SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........WMo.7..+..uV.HJ...{..........&..v...(Q.F.....aW.Q.|..~.|{~...b{8...zv.....8|...b.gxb.y{.x<\lS...p...p..l7...o.}.v.....t.........r..r.|9?.......HP...r.4.aGA.j....7.!....K.n.B.Z.C.]....kj..A..p...xI...b..I!K..><.B..O....#...$.]h.bU.;.Y...).r.u....g*.-w.2..vPh....q....4_..N\..@y).t{.2pj.f..4h.....NC.....x.R..P..9.....".4.`%N..&...a.@.......fS)A4.F..8e9KHE....8d.CR.K..g..Q.......a....f.....dg*N.N.k..#w..........,.".%..I.q.Y.R]..7.!.:.Ux...T.qI..{..,b..2..B...Bh...[o..[4....dZ.z.!.l....E.9$..Y.'...M.,p..$..8Ns3.B.....{.....H..Se3....%.Ly...VP{.Bh.D.+....p..(..`....t....U.e....2......j...%..0.f<...q...B.k..N....03...8....l.....bS...vh..8..Q..LWXW..C.......3..Pr.V.l...^=VX\,d9f.Y;1!w.d,.qvs....f*;.....Zhrr.,.U....6.Y....+Zd.*R...but....".....4.L...z........L.Q......)....,.].Y.&....*ZsIVG.^...#...e..r....Z..F..c..... .QDCmV..1.~...J9..b_Oov\..X.R..._.TqH.q.5G.0{ZphQ..k...s..\.../.Dp..d`#......8.#Y...Mb.j.Q......=n4.c....p.[.SI.....0.N.

                                    Chrome Cache Entry: 67

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113401
                                    Category:downloaded
                                    Size (bytes):20414
                                    Entropy (8bit):7.979508934961097
                                    Encrypted:false
                                    SSDEEP:384:ekqQ8rNFEhCgMyL2iww6oIR8mWG+Pu9Z5IMU7ULgCsHqZo9v8:9CGEiL/w7R8DW9Z5BU7UMZHqok
                                    MD5:48981D3CF57E7C58CA7E3E851EF9354E
                                    SHA1:73593DE7633B10F9FFD0EF0E46280FA40FF433FF
                                    SHA-256:8A5E756923CC5C3F013862427B7622F58A52501C5A6017FFF2FDB2AFD94A10C2
                                    SHA-512:4E2B6EA222CE77E6EC12E059362DDDEA13758CDC77259FF5CF449BED5A1677E112CF49CD7ED7B1378F96FFD7C5E21BE66D2CA7EB2A9CD8026732F867FB5AE8B1
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
                                    Preview:...........}ks.6.....\.R;.J.H=-WR;..&>g^53.G.R[.DY<C..$e.WG..... )...{+'g...l............bw_f7.:x..<x.-.*V5)/wE..Y...gy.0.*(.*-o.e.|..._..I.....?<{.!x...W..._..^..p..E..'..Y...<.....*]..6(. ..D..*...Y.......:.ve.?..!..|t...].+.......a.......|.P...u.H.d.d.r.c[..~.L..n.-.}e.H3...r..^..iP.u.*.z.....)..Z.jx..C'......u..{.C...N.o.m~..F(b..f.....h..O.....6....kr.......n2m M$.R..R..i{.~...*..n.dKY..#.Kn.4..G...O..l.#.a=..iU..].S.2.wY..O.|...Z.A....].uU.._%U.<...pp..u=.....C.R..S.....0...A<......&...W..'o.T.."..jO..^+.....DiW.b..7i..7..........lKe.0.~B0.....zQu#...YB.,.{*.&.6..G.6..._...J.i.?.LS$( .^.{..u.-.0....K....M&j..s.yB..+....^.)...7e.....]..eFI_.kRX.B......D[.4......+.u=>....R.`QEK...R..d...*S.. ,c5RKBK(......][..eF{T.....6...".....Uk:..S.0Ro.}B.dwJZ}U..S.F.....&.&.~|......{..Ep.>x..._....}p..=.}...v...7?}...g..1&.......}...^...o.x.>x...../.^....._.........w.v./.........BA...{J..w..$?.}w....?zO.r..5...7.gl..z...g.?.{....R.......yGj

                                    Chrome Cache Entry: 68

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 449540
                                    Category:downloaded
                                    Size (bytes):122157
                                    Entropy (8bit):7.997792045055063
                                    Encrypted:true
                                    SSDEEP:3072:17MEQ7cSw+Opzu8DVOKY22L2NYwrLiZI53Hybp+Y:yEYXOw2fY2NYQLiZI5Cbp+Y
                                    MD5:B9A054903589649EF9B8AC6373ABE4BF
                                    SHA1:B3E0D0512F7B1C59F89BD86338FCD73D57385672
                                    SHA-256:4EAFFBA1EDB780DEC8B10D44D25951D96BEE9E0F98E46F87849EDA4ECEEEAAB6
                                    SHA-512:E251F3B0B01E715957DC7356A14E919C8F9253135F1BD6733855F85244384D0BE100B73E174766BB333D4A4EFBE30CE1079C29F02FEEA084984325B991708736
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
                                    Preview:...........{W.H.8....F3.......V..@...LU.,.pd)m..W.y..~._Dd...e.jv...;[X..........?o._..+..._ex....N+7...+W...........`...7.~R.......0....(.....(vR.T..o.;Ae.G.J..*.8...iR..$.B#.D.*T.{.+'N_+gW.:..6..P.f...!..Q......G...<.X\y~.....Q...J.\.?A#...M..'f....q........!E..5.[L..:..{P.........8...L...u..Ye..b.*iTy....x.pR..M.j.......M.a&,~...A%..B.J....2..$x.Lb'D...`.I......cTt.Z.3...L..$.f3...R..~...*.?.(l..L*.avv...a.x.C.......>.Gu7.~..$p......>.m8...3...9....|.=..GS..e[W*.........%....Z.'.........x...*.-..JX..+..O. _....o.;=.?....w../Q=`.$}8Hvvj...&w.`......F.....d...Jf......W..mo;.....[...*~@+5.....v ....2.S...n.;;..jT.....p.\..[O..qZ.UkK1@{...{.hY.. CC.h..U.6...,..a...Na!&.T..${.[..X[..2..ry .1,D}LeY=...Q.>.{.......G~.US.......Z.7...)..h.[..(......1p..=Wn .$..y.:+......i......-UF.,XL...vF..j...N...9..D7k..PL.L...h-.p..%V?.>e...C...3....P...*....w?.....*..............R.].....xY..~.........s...xZr.z.L..).j...p.)#..!Qr.#t..

                                    Chrome Cache Entry: 69

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 449540
                                    Category:dropped
                                    Size (bytes):122157
                                    Entropy (8bit):7.997792045055063
                                    Encrypted:true
                                    SSDEEP:3072:17MEQ7cSw+Opzu8DVOKY22L2NYwrLiZI53Hybp+Y:yEYXOw2fY2NYQLiZI5Cbp+Y
                                    MD5:B9A054903589649EF9B8AC6373ABE4BF
                                    SHA1:B3E0D0512F7B1C59F89BD86338FCD73D57385672
                                    SHA-256:4EAFFBA1EDB780DEC8B10D44D25951D96BEE9E0F98E46F87849EDA4ECEEEAAB6
                                    SHA-512:E251F3B0B01E715957DC7356A14E919C8F9253135F1BD6733855F85244384D0BE100B73E174766BB333D4A4EFBE30CE1079C29F02FEEA084984325B991708736
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........{W.H.8....F3.......V..@...LU.,.pd)m..W.y..~._Dd...e.jv...;[X..........?o._..+..._ex....N+7...+W...........`...7.~R.......0....(.....(vR.T..o.;Ae.G.J..*.8...iR..$.B#.D.*T.{.+'N_+gW.:..6..P.f...!..Q......G...<.X\y~.....Q...J.\.?A#...M..'f....q........!E..5.[L..:..{P.........8...L...u..Ye..b.*iTy....x.pR..M.j.......M.a&,~...A%..B.J....2..$x.Lb'D...`.I......cTt.Z.3...L..$.f3...R..~...*.?.(l..L*.avv...a.x.C.......>.Gu7.~..$p......>.m8...3...9....|.=..GS..e[W*.........%....Z.'.........x...*.-..JX..+..O. _....o.;=.?....w../Q=`.$}8Hvvj...&w.`......F.....d...Jf......W..mo;.....[...*~@+5.....v ....2.S...n.;;..jT.....p.\..[O..qZ.UkK1@{...{.hY.. CC.h..U.6...,..a...Na!&.T..${.[..X[..2..ry .1,D}LeY=...Q.>.{.......G~.US.......Z.7...)..h.[..(......1p..=Wn .$..y.:+......i......-UF.,XL...vF..j...N...9..D7k..PL.L...h-.p..%V?.>e...C...3....P...*....w?.....*..............R.].....xY..~.........s...xZr.z.L..).j...p.)#..!Qr.#t..

                                    Chrome Cache Entry: 70

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                    Category:downloaded
                                    Size (bytes):621
                                    Entropy (8bit):7.673946009263606
                                    Encrypted:false
                                    SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                    MD5:4761405717E938D7E7400BB15715DB1E
                                    SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                    SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                    SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                    Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                    Chrome Cache Entry: 71

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):72
                                    Entropy (8bit):4.241202481433726
                                    Encrypted:false
                                    SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                    MD5:9E576E34B18E986347909C29AE6A82C6
                                    SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                    SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                    SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                    Malicious:false
                                    Reputation:low
                                    Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                    Chrome Cache Entry: 72

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113769
                                    Category:dropped
                                    Size (bytes):35167
                                    Entropy (8bit):7.9940882099284245
                                    Encrypted:true
                                    SSDEEP:768:7hZ+Bu8B8u9cTsNFEe8KT5ZRsn/lxN9VICF+wXEg5dPZ1l:x8+u6Tk8Q5MnND/+wUgnPXl
                                    MD5:157CD264060EC0AA768C58FA5E3BCD45
                                    SHA1:C11F015567C602806D9B2FAA5FB5C36ED15D2BF2
                                    SHA-256:5AA014AA67DDC6E040E1F60BBE3B7E810809759B561E391A9B8F84A93827E07B
                                    SHA-512:556C196743A9CF18D0F5EE8557ACBD4867DA253BBBFEFB9539E6C6CCF983351A9FDC3CE5209018771B72A2616AFB643DA914298FA5EC57EE1D5D871C27A68C21
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....p+Lg.t9I..P./ap......o9Wx.._{....k..,...............................7.|..t...Ax.7..b..v..v.m-...~v...:....r..._........,...A........:..x.>.y..u....N...\s...).......<?._.........%.jC..~..=.....O._j.h.,...O@..9.RN@.0.t>..K.....`......!^.......".~.........g.$:.O...b>..m.M.........y_p.. .....V..No...$T.;.b....[ ..z.....t...N.g5...._c.....I....l_.l_.."..._oz..^lM....hc..^l..-.0M..'[.....,...A....7X....O^...y..&.i.f.....lE nGQ=...........y$?.cB.+h..2...n).9.....kb.Cdg....^'...."..Q:^.z.j~.......

                                    Chrome Cache Entry: 73

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 141866
                                    Category:downloaded
                                    Size (bytes):49804
                                    Entropy (8bit):7.994672288751266
                                    Encrypted:true
                                    SSDEEP:1536:SMuttwJ0uUmAcZjNL6nnQlL+mwKLiQC7Mn3dxPErr:SwJ0vmAcKnnQF+8LJOMn3DPE/
                                    MD5:6DE768A4DF1E0D0061CDB52EF06346C4
                                    SHA1:3829A667B97668008023DDA98F4C0772174C8EF6
                                    SHA-256:58732EEE2ED9091F4F5776DC8A8A14116CBE5A2BA1CCDA0256896BAB08A52128
                                    SHA-512:CC6966D2C2B43E762750102E734DA6B88D7BFB92DDB5D482EE25029337D95E997466E83001586F2B63DAEE890B5F3188E8EC0F1B084D5EB67CFEA55EDDFAD47D
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js
                                    Preview:...........m[.8.0........OL....;w..nf.0.ff.X.'V......4.r~........=........,..JU.......T~.l..?..E.....X..|t~P9...TN..G..?^.~.............Xx.0..Q..Fa4.#7.q...F.;......4...Q.W&~.@....O.*T.y.37J.+Ggf...P....Pz.N...>..a.D..<.m./A,*...Q.....WN.Q...8.Db$.G.H<...'....J,..8..{nG.2@HYkL../......=.pL....A?.&Ng.i,......2lo...$.<.3...?~pW..=...L..&x.QR.u3..#6q2....U.Y1..".M. .<W."7@......w..."H,@......0..P....p:...[...E].A..%..V.K\.......F.ir.}.Lc{s..O.g..(|.........9o..A.t.K....Wv.l6..T.......t.........+..........-w {l..g...V..\=W.j.oaT}t.J`E..$W......;.k.\.t.w~}".....jf..W..."..a..0y........@.T.1.G0.......*.Y_....../..........@.....*]+.*..*.q\.cR.....t.3S-5g....'U.j.d......y.n,:).|.?.FW...d...|.......*.`.3....kMKf...#..,DM.TY+..g.........e+.>...{y..N/..g-#FV.V.p.......Xs.(..{..}..-.O..H=."...........8M.g..!H..0.~.Tdf.;...$D%N .)..!..V...'r\.... ...&....J|."Nd%D:uw:.<W.+...H&.Z...L=..U.v....J.t.0%+...U..3M....y...L..G...p='.....pB"-..|.....j .a".i=O.R Q2..."...

                                    Chrome Cache Entry: 74

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:ASCII text, with no line terminators
                                    Category:downloaded
                                    Size (bytes):36
                                    Entropy (8bit):4.503258334775644
                                    Encrypted:false
                                    SSDEEP:3:Eq62iczBr9ks:EqdiczBys
                                    MD5:06B313E93DD76909460FBFC0CD98CB6B
                                    SHA1:C4F9B2BBD840A4328F85F54873C434336A193888
                                    SHA-256:B4532478707B495D0BB1C21C314AEF959DD1A5E0F66E52DAD5FC332C8B697CBA
                                    SHA-512:EFD7E8195D9C126883C71FED3EFEDE55916848B784F8434ED2677DF5004436F7EDE9F80277CB4675C4DEB8F243B2705A3806B412FAA8842E039E9DC467C11645
                                    Malicious:false
                                    Reputation:low
                                    URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmCAmly1gHbXRIFDdFbUVISBQ1Xevf9?alt=proto
                                    Preview:ChgKDQ3RW1FSGgQIVhgCIAEKBw1Xevf9GgA=

                                    Chrome Cache Entry: 75

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 15755
                                    Category:downloaded
                                    Size (bytes):5531
                                    Entropy (8bit):7.959252561748488
                                    Encrypted:false
                                    SSDEEP:96:VTDmMXgt+DupJVNRosjYrjoWYyu1rj2rtPz7PR4Ta1w/tK51+FPsMj+m7CvZN8FJ:FDmMwQDupJposcrjoWYj2rtL7PGOCtRp
                                    MD5:20C932851211BE4254786E0812D655B8
                                    SHA1:98292BF09A8031CB5F70B85357A4DB7054F7886F
                                    SHA-256:DE1485F02216071216CC6D4D8C3DABD276DA0047F425561D91FF160348E826AD
                                    SHA-512:E18C02477E6AD71FA74865EEF21A71429E3B54453F7E7562563DEF359A9D6BD87433C643B4D35FDDFF41C67E54E096FD8765EE53AD51B1148A0F9C445A4FE7FC
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
                                    Preview:...........[}w.F...?.b.(..c.i....q....c.%..Mrt..I..(.l.....3 ..d...$...s..}....i.....G...{.e[..\7.+.}.>\.:.......7.6....9p...(.D..a..Q.\hS...n...h.....I...S...H.h...^3...+7I.Z......?.C..F..?OR-.R..57.$../...,.x..O..D...I$.Q.%|..;l"f._.in.5.Sm.%.D.ai]......QHp...{@8....8........5Q....+dD.:.Z.i.h.Q_......6.r../..o6L..c.....A.E.O4.,A.k.!.....8qCby.....'.Oy.20.....Oc."O.4..(.y@w+....[..h.W...Y_.f|wt.....cSMM.4.....O'..5...^4......[..;..{...P....l.j6..Z3..~..uU.~g..W9./.....tC.G.C........3...4..A..o...b.bl.......>....._..h.f.ep.2a>..,G..,...d..G&....dn.....j$..uB.z...Y...d.M.H...r.RA..).g.@.. ...1.......Y..).....s5..v...IN..5../tH..p<..-o.......`&M7uA;..(.@.......,.\.?f.0..[3@...D..|......wi2...=.n!.].)..E7.... .#........8(...?@.G.TO$m.cI^.9...}Z......Zn.d..t]..cC7t.9...=.(..c..h..l..fIp.......O.6.,....G.It.!.g#...l.$\W8...7.s.....{~"..k..X....q......l.>x..={f.n..W.....c..Q..I?..;a..MS>.!5v.h.B+.......q...z.q..^o.>..@..O....X.vd.4.z..Y...

                                    Chrome Cache Entry: 76

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                    Category:dropped
                                    Size (bytes):621
                                    Entropy (8bit):7.673946009263606
                                    Encrypted:false
                                    SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                    MD5:4761405717E938D7E7400BB15715DB1E
                                    SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                    SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                    SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                    Malicious:false
                                    Reputation:low
                                    Preview:..........}UMo"1..+.....G; .8l...M..$.U.AW......UaX..`'.=......|..z3...Ms>..Y...QB..W..y..6.......?..........L.W=m....=..w.)...nw...a.z......#.y.j...m...P...#...6....6.u.u...OF.V..07b..\...s.f..U..N..B...>.d.-z..x.2..Lr.Rr)....JF.z.;Lh.....q.2.A....[.&".S..:......]........#k.U#57V..k5.tdM.j.9.FMQ2..H:.~op..H.......hQ.#...r[.T.$.@........j.xc.x0..I.B:#{iP1.e'..S4.:...mN.4)<W.A.).g.+..PZ&.$.#.6v.+.!...x*...}.._...d...#.Cb..(..^k..h!..7.dx.WHB......(.6g.7.Wwt.I<.......o.;.....Oi$}f.6.....:P..!<5.(.p.e.%et.)w8LA.l9r..n.....?.F.DrK...H....0F...{.,.......{E.."....*...x.@..?u......../....8...

                                    Chrome Cache Entry: 77

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:GIF image data, version 89a, 352 x 3
                                    Category:dropped
                                    Size (bytes):3620
                                    Entropy (8bit):6.867828878374734
                                    Encrypted:false
                                    SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                    MD5:B540A8E518037192E32C4FE58BF2DBAB
                                    SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                    SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                    SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                    Malicious:false
                                    Reputation:low
                                    Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                    Chrome Cache Entry: 78

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 406986
                                    Category:downloaded
                                    Size (bytes):116351
                                    Entropy (8bit):7.9975788994031465
                                    Encrypted:true
                                    SSDEEP:1536:cEdtt9lZgVnh9Mq+S8ECUVjeJ9uBGB6QFM2lNSXkbva7/rF3I0nAiW7zMpFOfFlp:f5R6Mq74i6P6r2lNxcrhfnPXFmD6zJk
                                    MD5:FEDAFBAC6D003C0D0DCA6F46FC3305C2
                                    SHA1:19A766D07F77FB5A37435FB94001E6170382DF36
                                    SHA-256:15D89CD4219307695E0C0E02D0A852BCE5F1549DC1C48D0116ED05EEA0747461
                                    SHA-512:E7175F8E39F1AB98B8419FAC92619F1776F93225CEFDDE1A5E4629073677ADD25B2EA77AE113E64EB03A4CF7E58347872D81892DD31BDD0403D2C2DEBA421F19
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
                                    Preview:...........}[[.H........-...."#<$!=.$...{z..O.e..<.pi....Z....,.I.>..L...K....W.....l.._.....r.r...w.S............`...b.E..7....v#>..~%.+.?..Y..1.*S..z.2..i%...,...A.U&^..G.|..UL...VN.0~...Z...Cm....`.......7....Rm...#^I.!.+wco0.|..a........n..(...&X..y%.qe...X..Q9.....-FT.:..............8K`..M.O..Z'....>T...$...x<....6...|.U.].&....f..[..dR..xX.....~?....r..>N.j....9.r?f0y.>.~.x..t.F.*<...Opm..;/....*..Q.._...n.:...f....q<...../.'.A0........o0.....O>m|.....\....zPy.L].Wm......S5.'0.........O.~....._...a7...;..7...S.l>..[.Y.....>;.C....j[0W>,.y9J.....g..x........._.~....g.b.......\...T).8^.<.ag.M`A..o4u...?.v....8....'......:q.6Y..]6...T}P..'!...,..d..F4....8|..]odVcK~.5B........*.i.u.,..%.c.7<..N..T../.f...o...N2.......:h.ew..x.bo.$...6.(..=z..........frk.F.7IB^R.z..~..u...A..>&<4......M.#(.Xt.......k...i.f...,C.q..bY..K#...^.!p..E..j....m.....}IX...7.k\q.z..G..X......y.d..\R.]V.......b.0.o....7..piC.../.px..j..r2.....R.j5m..s..Dw^

                                    Chrome Cache Entry: 79

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                    Category:downloaded
                                    Size (bytes):17174
                                    Entropy (8bit):2.9129715116732746
                                    Encrypted:false
                                    SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                                    MD5:12E3DAC858061D088023B2BD48E2FA96
                                    SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                    SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                    SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                    Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                    Chrome Cache Entry: 80

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:GIF image data, version 89a, 352 x 3
                                    Category:dropped
                                    Size (bytes):2672
                                    Entropy (8bit):6.640973516071413
                                    Encrypted:false
                                    SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                    MD5:166DE53471265253AB3A456DEFE6DA23
                                    SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                    SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                    SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                    Malicious:false
                                    Reputation:low
                                    Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                    Chrome Cache Entry: 81

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:JSON data
                                    Category:dropped
                                    Size (bytes):72
                                    Entropy (8bit):4.241202481433726
                                    Encrypted:false
                                    SSDEEP:3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY
                                    MD5:9E576E34B18E986347909C29AE6A82C6
                                    SHA1:532C767978DC2B55854B3CA2D2DF5B4DB221C934
                                    SHA-256:88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
                                    SHA-512:5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124
                                    Malicious:false
                                    Reputation:low
                                    Preview:{"Message":"The requested resource does not support http method 'GET'."}

                                    Chrome Cache Entry: 82

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 56391
                                    Category:downloaded
                                    Size (bytes):16112
                                    Entropy (8bit):7.985400770185779
                                    Encrypted:false
                                    SSDEEP:192:3RCWKuQFsW2AzKFUuU/ZU6gjeDAmfAhPh2WfUeM+SC3U5hOtIJjJzDCXeqJPHMd5:BHWdKqlDfAn2WfURN5gIJZQFEYhgHpn
                                    MD5:466F92DF115AB60E409B52CE9AE7D7F6
                                    SHA1:C66FD8D11F68C34620AF2B168FEA53F5DE4E7E8D
                                    SHA-256:9EB3C48D42144538117B643972D5ADEBE31997CFE7F046C73FFD9742D1AF6DE0
                                    SHA-512:8C612F7F841450282ED43518793D3C361B2ED3BB4565E124E53D68AB2530C48BEF9A8E027713956591332789EAC25448F20E7499D3386E6DE4779641383532BC
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js
                                    Preview:...........}Ms#G.....uh.O=.>...4..p.O$...P.IF4.".K....1..5.......7.|.....S6..w8?......9.j.B1DwUeUeeeefef..f.Oc/._..G.............{..._..%.q..q........j<.w..O.7..."pgbV.C..k.T`..X....'v....<p....I.'..k<j@Ai..NP.6<.w.(...ey.....i8...._V.h.~.{Y....`......6..(.=...wC......es....;.~.....+../.b.E..G.:....(....'.K...&..p2...zu..w.&.?w..b2...F...7...p.M. .n.;..k?.:......i../.M..1Ah...'N]..Ll@..p... ....:N.."*p.. Xx..cL...O..7.z.O.^......s.O..h..V...|1..@.....XL....o..X/by..C..,......0.~$........._.......Z.._...~U).....j...C..`.."..t.z.-..m.]..3y...S@...'.KSzS...4.b......`.....K.[.&....._z..eF.)......'L"..E4...R.._$t.V......=.k..dv.O...b_...8u#...P,a......T..ks........f...?....X..E.."f@a.fn!$......U..B$B...\d........t*......w......\?`q..........0..(...C..!..=.xk....(.w.O..".!b.4...t$g..r...7..|.....m.;(..Y.....V...Y........._a.7./..........y0u...B.TH...].k...^..sOf.2.2'....Ra$.......N........n..#.."...3.."D..)...[...H......vwT...Jh.^.(.....s...e..?....

                                    Chrome Cache Entry: 83

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1017x678, components 3
                                    Category:downloaded
                                    Size (bytes):141233
                                    Entropy (8bit):7.981206634239356
                                    Encrypted:false
                                    SSDEEP:3072:04GtHvtT97Zu/s1Ve8Spy586UTukvTmMOuNLiGG:0RpS0VeBy58LIft
                                    MD5:8412A6F74B196981D3BEE266B17BC756
                                    SHA1:90158D3FBAF87AB9D71D1A854DD1AFF6FB5CE8BA
                                    SHA-256:03EE2BCE70C9BE4D5E3A9B01DED41F4518F9C1050A2552DCD2F3225644937ECC
                                    SHA-512:E6ABEE27870E8A7E9D0F7E4A84AF3A67B6656AF055B16B16CA1AA7C0338888C548FF064D126E532ACEE1DD6BAC62730C40AA177FBDF1576E9719F0C40E893698
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauthimages.net/81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=637640617494988131
                                    Preview:......JFIF.....H.H.....C...........................#.%$"."!&+7/&)4)!"0A149;>>>%.DIC<H7=>;...C...........;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;..........."....................................................................................|.'....:...NQwI.a..z>..I...d.:.N...f.S'zf..N...d.:.N...h._\.+jTu....A..vdiY....V*..)x..p..;3k.....Y....Bl.|.Z._1...`...:..2L..Y.u1.O.....4.`........GY...*.A....(D....|...j.[9.$T...;..4[..c(..%..P_.....&.Tv.>.i..U..=.......Y...:FN........d.:.N...d.:.N...d.:.N..*N....n.U....{R.6...&.l..9....Nj.7*.:.&.-...Y..L..+y.r.J...MZi...65..lk.....6....8LccP.l..].....1.T...5.J.WJ/...."...x..[......,nPI .$..X.F.@...].R....).2uL.S'T..2uL.S'T..2uL.S'T..2uL.S:T.R..d.:.N...N.S:.N.;).''...S.e..I*N.6Bvgt.F\.1C...R....0...B.Q.x.kQ...r.J+......r..q.TJmU9N.A.)RN..z<..2.I(.e8.;.g\<.z.U8.`.gWX4.t..0....=kS.y...s.u..TT.EI....:.N...d.:.N...d.:.N....uL.S'T..L.S'T..2uL.S:B.*.u..K:zV1..M...p.>...JI....UB-.yT..)KSe.5.Z!U..7SP

                                    Chrome Cache Entry: 84

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113769
                                    Category:downloaded
                                    Size (bytes):35167
                                    Entropy (8bit):7.9940882099284245
                                    Encrypted:true
                                    SSDEEP:768:7hZ+Bu8B8u9cTsNFEe8KT5ZRsn/lxN9VICF+wXEg5dPZ1l:x8+u6Tk8Q5MnND/+wUgnPXl
                                    MD5:157CD264060EC0AA768C58FA5E3BCD45
                                    SHA1:C11F015567C602806D9B2FAA5FB5C36ED15D2BF2
                                    SHA-256:5AA014AA67DDC6E040E1F60BBE3B7E810809759B561E391A9B8F84A93827E07B
                                    SHA-512:556C196743A9CF18D0F5EE8557ACBD4867DA253BBBFEFB9539E6C6CCF983351A9FDC3CE5209018771B72A2616AFB643DA914298FA5EC57EE1D5D871C27A68C21
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
                                    Preview:...........kC.H.0......e....0.pX..Iv3..\f..0YY.m..e$.K..o...j..g.3.lpW.......[..Y.?k.Y.......8~.a..../_.;]{.............v...0..q.Dk.w...h-....Z<..l.fA..k3.7..dm....b..-...(,.$...4...f...e...AV..z.mA....O.9........k..h-.......<Z[.GQ.v3....Oq..y:..(..k.$_...._..h-...q..S.ck.=.T......Sq@.:.A.c.(....SDq..Ac.t..m.$Lc....Z...K...O<....f9..p...0Z..3.<...$YK.x.F......v....nm..s$...&..dQ4.......n-.-.......E.XD..-5~...f.....t...-_.....fsg...8kZ..|.{{....p+Lg.t9I..P./ap......o9Wx.._{....k..,...............................7.|..t...Ax.7..b..v..v.m-...~v...:....r..._........,...A........:..x.>.y..u....N...\s...).......<?._.........%.jC..~..=.....O._j.h.,...O@..9.RN@.0.t>..K.....`......!^.......".~.........g.$:.O...b>..m.M.........y_p.. .....V..No...$T.;.b....[ ..z.....t...N.g5...._c.....I....l_.l_.."..._oz..^lM....hc..^l..-.0M..'[.....,...A....7X....O^...y..&.i.f.....lE nGQ=...........y$?.cB.+h..2...n).9.....kb.Cdg....^'...."..Q:^.z.j~.......

                                    Chrome Cache Entry: 85

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:GIF image data, version 89a, 352 x 3
                                    Category:downloaded
                                    Size (bytes):2672
                                    Entropy (8bit):6.640973516071413
                                    Encrypted:false
                                    SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                    MD5:166DE53471265253AB3A456DEFE6DA23
                                    SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                    SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                    SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                    Preview:GIF89a`............!..NETSCAPE2.0.....!.......,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....0.............<....[.\K8j.tr.g..!.......,....3............^;.*..\UK.]\.%.V.c...!.......,....7........`....lo...[.a..*Rw~i...!.......,....;........h.....l.G-.[K.,_XA]..'g..!.......,....?........i.....g....Z.}..)..u...F..!.......,....C...............P.,nt^.i....Xq...i..!.......,....F...........{^b....n.y..i...\C.-...!.......,....H..............R...o....h.xV!.z#...!.......,"...L.............r.jY..w~aP(.......[i...!.......,(...N.............r....w.aP.j.'.)Y..S..!.......,....H.........`......hew..9`.%z.xVeS..!.......,5...A.........`...\m.Vmtzw.}.d.%...Q..!.......,9...=.........h......3S..s.-W8m...Q..!.......,A...5.........h.....N...:..!..U..!.......,H.............h....M.x...f.i.4..!.......,O...'.........i...tp......(..!.......,X.............j...@.x....!.......,].............j..L..3em..!.......,e.............`......!.......,n..............{i..!..

                                    Chrome Cache Entry: 86

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:GIF image data, version 89a, 352 x 3
                                    Category:downloaded
                                    Size (bytes):3620
                                    Entropy (8bit):6.867828878374734
                                    Encrypted:false
                                    SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                    MD5:B540A8E518037192E32C4FE58BF2DBAB
                                    SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                    SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                    SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                    Malicious:false
                                    Reputation:low
                                    URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                    Preview:GIF89a`.........iii!.......!.&Edited with ezgif.com online GIF maker.!..NETSCAPE2.0.....,....`.....6......P.l.......H....I..:qJ......k....`BY..L*..&...!.......,....`.....9..i....Q4......H..j.=.k9-5_..........j7..({.........!.......,....`.....9.......trV.......H....`.[.q6......>.. .CZ.&!.....M...!.......,....`.....8..........:......H..jJ..U..6_....../.el...q.)...*..!.......,....`.....9.....i..l.go.....H..*".U...f......._......5......n..!.......,....`.....:..i......./.....H...5%.kE/5.........In.a..@&3.....J...!.......,....`.....9.......kr.j.....H..*.-.{Im5c..............@&.........!.......,....`.....9.........j..q....H...].&..\.5.........8..S..........!.......,....`.....9.......3q.g..5....H...:u..............Al..x.q.........!.......,....`.....9......\.F....z....H...zX...ov.........h3N.x4......j..!.......,....`.....9........Q.:......H....y..^...1.........n.!.F......E...!.......,....`.....8.........i,......H....*_.21.I.........%...

                                    Chrome Cache Entry: 87

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                    Category:dropped
                                    Size (bytes):17174
                                    Entropy (8bit):2.9129715116732746
                                    Encrypted:false
                                    SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                                    MD5:12E3DAC858061D088023B2BD48E2FA96
                                    SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                    SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                    SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                    Malicious:false
                                    Reputation:low
                                    Preview:..............h(..f...HH...........(..00......h....6.. ...........=...............@..........(....A..(....................(....................................."P.........................................."""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333"""""""""""""""""""""""""""""" ...333333333333333333333333333333""""""""""""""""""""""""""

                                    Chrome Cache Entry: 88

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 56391
                                    Category:dropped
                                    Size (bytes):16112
                                    Entropy (8bit):7.985400770185779
                                    Encrypted:false
                                    SSDEEP:192:3RCWKuQFsW2AzKFUuU/ZU6gjeDAmfAhPh2WfUeM+SC3U5hOtIJjJzDCXeqJPHMd5:BHWdKqlDfAn2WfURN5gIJZQFEYhgHpn
                                    MD5:466F92DF115AB60E409B52CE9AE7D7F6
                                    SHA1:C66FD8D11F68C34620AF2B168FEA53F5DE4E7E8D
                                    SHA-256:9EB3C48D42144538117B643972D5ADEBE31997CFE7F046C73FFD9742D1AF6DE0
                                    SHA-512:8C612F7F841450282ED43518793D3C361B2ED3BB4565E124E53D68AB2530C48BEF9A8E027713956591332789EAC25448F20E7499D3386E6DE4779641383532BC
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........}Ms#G.....uh.O=.>...4..p.O$...P.IF4.".K....1..5.......7.|.....S6..w8?......9.j.B1DwUeUeeeefef..f.Oc/._..G.............{..._..%.q..q........j<.w..O.7..."pgbV.C..k.T`..X....'v....<p....I.'..k<j@Ai..NP.6<.w.(...ey.....i8...._V.h.~.{Y....`......6..(.=...wC......es....;.~.....+../.b.E..G.:....(....'.K...&..p2...zu..w.&.?w..b2...F...7...p.M. .n.;..k?.:......i../.M..1Ah...'N]..Ll@..p... ....:N.."*p.. Xx..cL...O..7.z.O.^......s.O..h..V...|1..@.....XL....o..X/by..C..,......0.~$........._.......Z.._...~U).....j...C..`.."..t.z.-..m.]..3y...S@...'.KSzS...4.b......`.....K.[.&....._z..eF.)......'L"..E4...R.._$t.V......=.k..dv.O...b_...8u#...P,a......T..ks........f...?....X..E.."f@a.fn!$......U..B$B...\d........t*......w......\?`q..........0..(...C..!..=.xk....(.w.O..".!b.4...t$g..r...7..|.....m.;(..Y.....V...Y........._a.7./..........y0u...B.TH...].k...^..sOf.2.2'....Ra$.......N........n..#.."...3.."D..)...[...H......vwT...Jh.^.(.....s...e..?....

                                    Chrome Cache Entry: 89

                                    Download File
                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 15755
                                    Category:dropped
                                    Size (bytes):5531
                                    Entropy (8bit):7.959252561748488
                                    Encrypted:false
                                    SSDEEP:96:VTDmMXgt+DupJVNRosjYrjoWYyu1rj2rtPz7PR4Ta1w/tK51+FPsMj+m7CvZN8FJ:FDmMwQDupJposcrjoWYj2rtL7PGOCtRp
                                    MD5:20C932851211BE4254786E0812D655B8
                                    SHA1:98292BF09A8031CB5F70B85357A4DB7054F7886F
                                    SHA-256:DE1485F02216071216CC6D4D8C3DABD276DA0047F425561D91FF160348E826AD
                                    SHA-512:E18C02477E6AD71FA74865EEF21A71429E3B54453F7E7562563DEF359A9D6BD87433C643B4D35FDDFF41C67E54E096FD8765EE53AD51B1148A0F9C445A4FE7FC
                                    Malicious:false
                                    Reputation:low
                                    Preview:...........[}w.F...?.b.(..c.i....q....c.%..Mrt..I..(.l.....3 ..d...$...s..}....i.....G...{.e[..\7.+.}.>\.:.......7.6....9p...(.D..a..Q.\hS...n...h.....I...S...H.h...^3...+7I.Z......?.C..F..?OR-.R..57.$../...,.x..O..D...I$.Q.%|..;l"f._.in.5.Sm.%.D.ai]......QHp...{@8....8........5Q....+dD.:.Z.i.h.Q_......6.r../..o6L..c.....A.E.O4.,A.k.!.....8qCby.....'.Oy.20.....Oc."O.4..(.y@w+....[..h.W...Y_.f|wt.....cSMM.4.....O'..5...^4......[..;..{...P....l.j6..Z3..~..uU.~g..W9./.....tC.G.C........3...4..A..o...b.bl.......>....._..h.f.ep.2a>..,G..,...d..G&....dn.....j$..uB.z...Y...d.M.H...r.RA..).g.@.. ...1.......Y..).....s5..v...IN..5../tH..p<..-o.......`&M7uA;..(.@.......,.\.?f.0..[3@...D..|......wi2...=.n!.].)..E7.... .#........8(...?@.G.TO$m.cI^.9...}Z......Zn.d..t]..cC7t.9...=.(..c..h..l..fIp.......O.6.,....G.It.!.g#...l.$\W8...7.s.....{~"..k..X....q......l.>x..={f.n..W.....c..Q..I?..;a..MS>.!5v.h.B+.......q...z.q..^o.>..@..O....X.vd.4.z..Y...

                                    Static File Info

                                    No static file info

                                    Network Behavior

                                    Network Port Distribution

                                    TCP Packets

                                    TimestampSource PortDest PortSource IPDest IP
                                    Aug 29, 2024 06:42:13.124664068 CEST49675443192.168.2.4173.222.162.32
                                    Aug 29, 2024 06:42:22.732351065 CEST49675443192.168.2.4173.222.162.32
                                    Aug 29, 2024 06:42:22.953566074 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:22.953620911 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:22.953685999 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:22.954103947 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:22.954113007 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:22.954188108 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:22.954302073 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:22.954318047 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:22.954499960 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:22.954507113 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:23.932782888 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:23.934952974 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:23.982827902 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:23.982827902 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.350296974 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.350331068 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.350714922 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.350732088 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.350891113 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.350986958 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.351171017 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.351224899 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.351624012 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.351660013 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.351914883 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.351973057 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.359390974 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.359462023 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.359652996 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.359726906 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.362777948 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.362785101 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.404437065 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.404438019 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.404457092 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.452008009 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.676162958 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.676240921 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.676285982 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.679744005 CEST49736443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.679750919 CEST44349736103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.681623936 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.728498936 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.738975048 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:24.738996029 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:24.739072084 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:24.739722967 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:24.739737988 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:24.995826006 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.995899916 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:24.995954037 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.996376038 CEST49735443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:24.996397018 CEST44349735103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:25.263380051 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:25.263402939 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:25.263463020 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:25.265860081 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:25.265871048 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:25.374783039 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:25.377680063 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:25.377696037 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:25.378706932 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:25.378762960 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:25.381206989 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:25.381273031 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:25.393100023 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:25.393142939 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:25.393199921 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:25.393798113 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:25.393810034 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:25.421940088 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:25.421948910 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:25.466902971 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:25.912447929 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:25.912655115 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:25.917839050 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:25.917850018 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:25.918540001 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:25.965784073 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.025176048 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.068500996 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.211435080 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.211513042 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.211733103 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.228856087 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.228856087 CEST49740443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.228868961 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.228878975 CEST44349740184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.282727003 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.286377907 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.286405087 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.287498951 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.287878990 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.293771982 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.293874025 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.298136950 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.298165083 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.328185081 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.328212976 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.328372955 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.328571081 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.328584909 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.345143080 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.809438944 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.809500933 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.809525013 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.809549093 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.809591055 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.813014984 CEST49741443192.168.2.4103.138.128.66
                                    Aug 29, 2024 06:42:26.813029051 CEST44349741103.138.128.66192.168.2.4
                                    Aug 29, 2024 06:42:26.972625971 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.972696066 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.976738930 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:26.976746082 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.976979017 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:26.980607986 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:27.024504900 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:27.254858971 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:27.254923105 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:27.254975080 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:27.257144928 CEST49742443192.168.2.4184.28.90.27
                                    Aug 29, 2024 06:42:27.257157087 CEST44349742184.28.90.27192.168.2.4
                                    Aug 29, 2024 06:42:28.489886045 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:28.489942074 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:28.490010023 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:28.490401983 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:28.490412951 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.141383886 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.141799927 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.141808033 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.142797947 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.142844915 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.144552946 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.144634962 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.144903898 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.144908905 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.191446066 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.251720905 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.251749039 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.251755953 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.251791000 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.251806974 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.251816034 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.251823902 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.251854897 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.251872063 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.333990097 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.334009886 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.334059954 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.334069014 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.334130049 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.334148884 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.339977980 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.340001106 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.340032101 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.340039015 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.340044022 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.340089083 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.340095997 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.340106964 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.340138912 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.345273972 CEST49744443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:29.345287085 CEST4434974413.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:29.370168924 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:29.370275974 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:29.370335102 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:29.370635986 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:29.370687962 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.006169081 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.006401062 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.006421089 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.007441998 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.007514000 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.007895947 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.007951975 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.008133888 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.008140087 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.050601006 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.114294052 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.114315033 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.114322901 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.114336014 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.114362955 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.114367008 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.114392996 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.114406109 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.114413977 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.114438057 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.195776939 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.195801973 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.195854902 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.195875883 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.195918083 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198556900 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198585033 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198620081 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198625088 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198631048 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198671103 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198677063 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198700905 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198718071 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198743105 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198941946 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198956966 CEST4434974713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:30.198966026 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.198995113 CEST49747443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:30.983656883 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.983701944 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:30.983870029 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.985207081 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.985224009 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:30.993823051 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.993846893 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.993855953 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:30.993858099 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:30.993918896 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.993941069 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.994209051 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.994226933 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:30.994388103 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:30.994400024 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.650279045 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.650576115 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.650587082 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.650924921 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.651278973 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.651334047 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.651454926 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.665597916 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.665697098 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.665798903 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.665819883 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.665899038 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.665916920 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.666244984 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.666541100 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.666604042 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.666647911 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.666846991 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.666902065 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.667283058 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.667337894 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.667551041 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.667557001 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.696502924 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.708501101 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.715056896 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.715061903 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.761917114 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.761954069 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.761969090 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.762043953 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.762057066 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.762116909 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.770944118 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.770965099 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.770973921 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.771008968 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.771033049 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.771033049 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.771051884 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.771095991 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.771120071 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.772926092 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.772945881 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.772953033 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.772983074 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.772994041 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.773005962 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.773015022 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.773036957 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.773051977 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.773056984 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.773070097 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.773092985 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.773123980 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.775695086 CEST49753443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.775708914 CEST4434975313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.778955936 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:31.778995991 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:31.779062033 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:31.779294014 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:31.779306889 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:31.850153923 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.850256920 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.850260973 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.850303888 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.850683928 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.850704908 CEST4434975113.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.850713015 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.850753069 CEST49751443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.860719919 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.860747099 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.860783100 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.860790968 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.860865116 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.861918926 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.861933947 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.861973047 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.861979008 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.862029076 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.862051010 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.951517105 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.951550007 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.951623917 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.951632977 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.951678991 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.951678991 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.951997042 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.952013969 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.952095032 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.952100039 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.952143908 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.953739882 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.953757048 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.953804016 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.953809977 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.953849077 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.953896046 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.954430103 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.954443932 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.954508066 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:31.954513073 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:31.954543114 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.042215109 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.042279005 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.042327881 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.042339087 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.042867899 CEST49752443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.042886972 CEST4434975213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.051054001 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.051112890 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.051170111 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.051531076 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.051556110 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.066231966 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.066248894 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.066325903 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.067013025 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.067024946 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.433084965 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.433365107 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.433388948 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.433720112 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.434199095 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.434258938 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.434386969 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.476502895 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.536778927 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.536822081 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.536835909 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.536956072 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.536978960 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.537097931 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.538146973 CEST49757443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.538158894 CEST4434975713.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.698790073 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.699284077 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.699311972 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.699662924 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.703569889 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.703665018 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.703834057 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.717180014 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.729446888 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.729454994 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.730524063 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.730675936 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.731081963 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.731081963 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.731091976 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.731144905 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.748508930 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.781364918 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.781373024 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.807790041 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.807816029 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.807831049 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.807961941 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.807996988 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.809200048 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.829193115 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.839895964 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.839932919 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.839942932 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.839962959 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.839972973 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.839981079 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.840078115 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.840078115 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.840086937 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.841708899 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.891094923 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.891114950 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.891210079 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.891242981 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.891489983 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.892292976 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.892306089 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.892395020 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.892395020 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.892431974 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.892821074 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.927386999 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.927400112 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.927426100 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.927437067 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.927458048 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.927463055 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.927489042 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.927611113 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.929303885 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.929341078 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.929430008 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.929430008 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.929435968 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:32.931037903 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:32.978045940 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.978064060 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.978209972 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.978240013 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.978408098 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.979876041 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.979891062 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.980112076 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.980133057 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.980298042 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.980911970 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.980926991 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.981014013 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.981030941 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.981159925 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.982660055 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.982673883 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.982764959 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:32.982781887 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:32.982878923 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.015362978 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.015400887 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.015463114 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.015491962 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.015491962 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.015542984 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.015964985 CEST49760443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.015970945 CEST4434976013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.045748949 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.045769930 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.045841932 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.046478987 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.046493053 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.056631088 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.056655884 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.056807041 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.057003975 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.057017088 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.065227985 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.065309048 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.065346003 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.065442085 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.092096090 CEST49759443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.092133045 CEST4434975913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.096546888 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.096560001 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.096800089 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.097575903 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.097589016 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.716785908 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.717530012 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.717546940 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.717879057 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.718844891 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.718909979 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.719219923 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.736620903 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.736931086 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.736939907 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.737317085 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.738102913 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.738178968 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.738265991 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.748018026 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.748289108 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.748300076 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.748667955 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.748959064 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.749023914 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.749089003 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.760508060 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.784502029 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.792501926 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.827198982 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.827222109 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.827235937 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.827286005 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.827299118 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.827330112 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.827348948 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.842444897 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.842467070 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.842482090 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.842519045 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.842534065 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.842565060 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.842566013 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.842596054 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.842622042 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.843637943 CEST49762443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.843647957 CEST4434976213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.849132061 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.849153996 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.849206924 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.849435091 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.849447012 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.888235092 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.888262987 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.888277054 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.888328075 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.888339043 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.888381004 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.913847923 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.913876057 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.913921118 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.913928986 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.913975000 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.913990974 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.915301085 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.915323973 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.915357113 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.915363073 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:33.915394068 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.915412903 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:33.976449966 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.976469994 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.976517916 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.976526976 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.976572990 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.978379011 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.978394985 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.978425026 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.978473902 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:33.978477955 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:33.978517056 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.006176949 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.006228924 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.006252050 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.006267071 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.006278992 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.006294012 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.006323099 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.006849051 CEST49761443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.006855965 CEST4434976113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.066351891 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.066370964 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.066425085 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.066435099 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.066479921 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.066955090 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.066971064 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.067018032 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.067024946 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.067063093 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.068777084 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.068790913 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.068851948 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.068857908 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.068892002 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.070557117 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.070571899 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.070621014 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.070627928 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.070656061 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.070667028 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.070704937 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.070749044 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.070755005 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.070785046 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.070826054 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.071480989 CEST49763443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.071486950 CEST4434976313.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.078800917 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.078821898 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.078867912 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.079313993 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.079332113 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.106393099 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.106405973 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.106470108 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.107296944 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.107310057 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.108300924 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.108314037 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.108371019 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.108839035 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.108846903 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.108902931 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.109469891 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.109483004 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.109602928 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.109613895 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.514775038 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.515177965 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.515187025 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.515552998 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.516011953 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.516011953 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.516072989 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.561686039 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.621794939 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.621815920 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.621824980 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.621855974 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.621886015 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.621887922 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.621900082 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.621937990 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.621937990 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.621989965 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.622651100 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.622710943 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.622740030 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.623002052 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.623006105 CEST4434976413.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.623080015 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.623080015 CEST49764443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.728260040 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.728538990 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.728560925 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.729026079 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.729499102 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.729499102 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.729559898 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.750597000 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.750771999 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.750854015 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.750865936 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.751132011 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.751140118 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.751192093 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.751478910 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.751509905 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.751574039 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.751749992 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.751811028 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.751841068 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.751936913 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.756241083 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.756433964 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.756442070 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.757477045 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.757611990 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.757934093 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.757934093 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.757946014 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.757994890 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.780097008 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.792509079 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.795568943 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.795576096 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.810770988 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.810776949 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.832494974 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.832521915 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.832530022 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.832556963 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.832585096 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.832591057 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.832597971 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.832650900 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.832650900 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.857193947 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.863010883 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.863033056 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.863089085 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.863161087 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.863162041 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.864037991 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.864063025 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.864120007 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.864146948 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.864391088 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.864633083 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.864655972 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.864835978 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.865187883 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.866911888 CEST49767443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.866925001 CEST4434976713.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.871102095 CEST49768443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.871113062 CEST4434976813.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.872304916 CEST49766443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.872318029 CEST4434976613.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.885006905 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.885032892 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.885273933 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.885776043 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.885790110 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.899836063 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.899844885 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.899930954 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.905813932 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.905824900 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.911096096 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.911113024 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.911505938 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.913588047 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.913599968 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.917121887 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.917143106 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.917161942 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.917181015 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.917282104 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.917283058 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.917293072 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.917359114 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.917799950 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:34.917814970 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:34.920571089 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.920588017 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.920696974 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.920702934 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:34.920809031 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:34.923484087 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:34.923491955 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:34.923873901 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:34.927099943 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:34.927114964 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:34.977854967 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:34.977869987 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:34.977942944 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:34.981127024 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:34.981142044 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.004010916 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.004035950 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.004110098 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.004111052 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.004118919 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.004183054 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.004800081 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.004816055 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.004889965 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.004895926 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.005054951 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.005264044 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.005279064 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.005297899 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.005346060 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.005350113 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.005412102 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.007740974 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.007797956 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.008034945 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.008042097 CEST4434976513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.008065939 CEST49765443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.419855118 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:35.419938087 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:35.420070887 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:35.604909897 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.605156898 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.605168104 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.605448961 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:35.605469942 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.605581999 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.605592012 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.605686903 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.605698109 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.605854988 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.605976105 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.606369019 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.606448889 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.606689930 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:35.606767893 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.606777906 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.606864929 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.606909990 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.606976032 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:35.607320070 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.607374907 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.607381105 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.607472897 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.607480049 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.607690096 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.607698917 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.608120918 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.610522985 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.610589027 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.610821962 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.613068104 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.613271952 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:35.613280058 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.614391088 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.614461899 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:35.615712881 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:35.615773916 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.615926027 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:35.648500919 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.648507118 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.652503967 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.654989004 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.660500050 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.670694113 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:35.670705080 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:35.706717014 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.706739902 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.706794977 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.706804991 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.706815004 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.706835985 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.706847906 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.706897974 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.706906080 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.706989050 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.707041025 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.707134008 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.707294941 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.707344055 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.707798004 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.707815886 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.707854986 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:35.707868099 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.707928896 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.707982063 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:35.711684942 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.711710930 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.711760998 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.711772919 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.712081909 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.712120056 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.719314098 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:35.720489979 CEST49771443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.720496893 CEST4434977113.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.748420000 CEST49770443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.748425007 CEST4434977013.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.748814106 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:35.750714064 CEST49772443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:35.750725031 CEST4434977213.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:35.751554966 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:35.751563072 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:35.752417088 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:35.752484083 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:35.755959988 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:35.756012917 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:35.756202936 CEST49769443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.756207943 CEST4434976913.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.756844044 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:35.756850958 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:35.797450066 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:35.848213911 CEST49739443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:42:35.848242044 CEST44349739142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:42:35.848685026 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.848718882 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:35.848777056 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.849371910 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:35.849387884 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.328157902 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:36.328238964 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:36.328385115 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:36.398597956 CEST49774443192.168.2.440.126.28.18
                                    Aug 29, 2024 06:42:36.398622990 CEST4434977440.126.28.18192.168.2.4
                                    Aug 29, 2024 06:42:36.484201908 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.484852076 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.484863997 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.485188961 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.485507965 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.485569954 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.485667944 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.528507948 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.530926943 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.583384991 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.583623886 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.583674908 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.583684921 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.583723068 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.584378004 CEST49776443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:36.584391117 CEST4434977613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:36.731389046 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:36.731415987 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:36.731484890 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:36.732131958 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:36.732146978 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:36.733783960 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:36.733804941 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:36.733899117 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:36.736897945 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:36.736911058 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:36.838361979 CEST4972380192.168.2.4199.232.210.172
                                    Aug 29, 2024 06:42:36.843909979 CEST8049723199.232.210.172192.168.2.4
                                    Aug 29, 2024 06:42:36.843992949 CEST4972380192.168.2.4199.232.210.172
                                    Aug 29, 2024 06:42:37.034527063 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.036185026 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.036194086 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.036206007 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.036237955 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.036257982 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.036282063 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.036295891 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.036330938 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.243268013 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243277073 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243324041 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243340969 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.243360996 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243390083 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243397951 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243397951 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.243417025 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.243422031 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.243467093 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.243494987 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.248110056 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.248127937 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.248218060 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.248225927 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.248277903 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.249039888 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.249056101 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.249140024 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.249145985 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.249190092 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.251652956 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.251667023 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.251720905 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.251725912 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.251759052 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.251777887 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.252998114 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.253015995 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.253066063 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.253071070 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.253108978 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.253117085 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.271471024 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.301068068 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301085949 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301181078 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.301189899 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301224947 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.301839113 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301882029 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301899910 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.301908016 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301922083 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.301960945 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.369030952 CEST49773443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.369048119 CEST44349773152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.432928085 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.434264898 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.434283972 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.434600115 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.435904026 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.435964108 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.436160088 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.437212944 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.440207005 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.440217018 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.440551043 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.443064928 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.443134069 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.443753004 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.476501942 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.484493017 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.500649929 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.500677109 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.500739098 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.500916004 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:37.500930071 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:37.534017086 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.534089088 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.534367085 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.535955906 CEST49779443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.535968065 CEST4434977913.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.545571089 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.545598030 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.545612097 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.545680046 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.545691013 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.545738935 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.559776068 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:37.559799910 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:37.559956074 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:37.560424089 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:37.560441971 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:37.634625912 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.634660006 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.634731054 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.634738922 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.634772062 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.634790897 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.635488987 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.635535002 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.635540009 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.635555029 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.635597944 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.759948015 CEST49780443192.168.2.413.107.246.73
                                    Aug 29, 2024 06:42:37.759954929 CEST4434978013.107.246.73192.168.2.4
                                    Aug 29, 2024 06:42:37.791515112 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:37.791537046 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:37.791619062 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:37.791822910 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:37.791836977 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.324194908 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.341986895 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.373720884 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.389327049 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.421845913 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.421854973 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.422311068 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.422319889 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.422770977 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.423154116 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.423207045 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.428013086 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.428085089 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.430046082 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.430119991 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.430747032 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.430831909 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.430840015 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.437875032 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.440344095 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.440356016 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.440712929 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.443604946 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.443670034 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.443691969 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.476505041 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.483071089 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.484508038 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.498706102 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.538742065 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.538819075 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.538897038 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.543143034 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543164968 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543171883 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543210030 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543226004 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543235064 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543243885 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.543252945 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.543262959 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.543287992 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.543293953 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.618307114 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623115063 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623122931 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623140097 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623147011 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623148918 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623181105 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.623199940 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623209953 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.623219013 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.623231888 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.630858898 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.630880117 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.630986929 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.630995035 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.631017923 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.631072044 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.631097078 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.631114006 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.670583010 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.711836100 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.711846113 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.711877108 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.711891890 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.711929083 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.711936951 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.711981058 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.712703943 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.712711096 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.712742090 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.712758064 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.712768078 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.712776899 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.712786913 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.712817907 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.803746939 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.803770065 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.803822994 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.803841114 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.803864956 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.803884983 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.804873943 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.804893970 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.804954052 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.804960966 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.804970026 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.804997921 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.805481911 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.805500984 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.805538893 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.805547953 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.805576086 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.805588007 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.806483030 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.806499004 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.806548119 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.806555033 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.806610107 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.896445036 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896486044 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896527052 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.896536112 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896548986 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896564007 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896576881 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.896601915 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.896610022 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896642923 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:42:38.896684885 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.928210020 CEST49785443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.928231001 CEST4434978513.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.936499119 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.937087059 CEST49786443192.168.2.413.107.246.60
                                    Aug 29, 2024 06:42:38.937094927 CEST4434978613.107.246.60192.168.2.4
                                    Aug 29, 2024 06:42:38.937791109 CEST49784443192.168.2.4152.199.21.175
                                    Aug 29, 2024 06:42:38.937803030 CEST44349784152.199.21.175192.168.2.4
                                    Aug 29, 2024 06:43:24.787540913 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:24.787590027 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:24.787661076 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:24.787887096 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:24.787909031 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:25.426578999 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:25.467470884 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:25.666002989 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:25.666021109 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:25.666479111 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:25.667318106 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:25.667387009 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:25.717475891 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:25.967942953 CEST4972480192.168.2.4199.232.210.172
                                    Aug 29, 2024 06:43:25.973086119 CEST8049724199.232.210.172192.168.2.4
                                    Aug 29, 2024 06:43:25.973145008 CEST4972480192.168.2.4199.232.210.172
                                    Aug 29, 2024 06:43:35.342289925 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:35.342361927 CEST44349795142.250.186.164192.168.2.4
                                    Aug 29, 2024 06:43:35.342433929 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:35.834331989 CEST49795443192.168.2.4142.250.186.164
                                    Aug 29, 2024 06:43:35.834357023 CEST44349795142.250.186.164192.168.2.4

                                    UDP Packets

                                    TimestampSource PortDest PortSource IPDest IP
                                    Aug 29, 2024 06:42:20.819956064 CEST53637921.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:20.827558041 CEST53551581.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:21.924321890 CEST5813053192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:21.931782961 CEST5787553192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:21.946866989 CEST53578191.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:22.215179920 CEST53578751.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:22.939116001 CEST5661653192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:22.952677965 CEST53581301.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:22.969860077 CEST53566161.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:24.729903936 CEST5873153192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:24.730417967 CEST5879653192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:24.736821890 CEST53587311.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:24.736922026 CEST53587961.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:25.365690947 CEST5195553192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:25.366266966 CEST6308153192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:25.388065100 CEST53519551.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:25.392081976 CEST53630811.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:26.819571972 CEST6106153192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:26.820152998 CEST5702653192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:30.443721056 CEST5835953192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:30.443984985 CEST6249353192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:30.979152918 CEST5910753192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:30.979762077 CEST6005553192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:30.986397982 CEST53591071.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:30.986993074 CEST53600551.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:34.914331913 CEST5790153192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:34.914331913 CEST6147353192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:34.966615915 CEST5977053192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:34.966615915 CEST6282753192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:34.973232985 CEST53628271.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:34.973762989 CEST53597701.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:36.056860924 CEST138138192.168.2.4192.168.2.255
                                    Aug 29, 2024 06:42:36.826997995 CEST53652451.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:37.492667913 CEST6182053192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:37.493066072 CEST6342353192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:37.817349911 CEST5839953192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:37.817624092 CEST5636053192.168.2.41.1.1.1
                                    Aug 29, 2024 06:42:39.094405890 CEST53570701.1.1.1192.168.2.4
                                    Aug 29, 2024 06:42:58.490592003 CEST53533841.1.1.1192.168.2.4
                                    Aug 29, 2024 06:43:21.242964983 CEST53633411.1.1.1192.168.2.4
                                    Aug 29, 2024 06:43:21.243535042 CEST53640561.1.1.1192.168.2.4
                                    Aug 29, 2024 06:43:31.376302004 CEST6292353192.168.2.41.1.1.1
                                    Aug 29, 2024 06:43:31.376720905 CEST5832753192.168.2.41.1.1.1

                                    ICMP Packets

                                    TimestampSource IPDest IPChecksumCodeType
                                    Aug 29, 2024 06:42:20.820019960 CEST192.168.2.41.1.1.1c22c(Port unreachable)Destination Unreachable
                                    Aug 29, 2024 06:42:22.969948053 CEST192.168.2.41.1.1.1c22f(Port unreachable)Destination Unreachable

                                    DNS Queries

                                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                    Aug 29, 2024 06:42:21.924321890 CEST192.168.2.41.1.1.10x26d1Standard query (0)australianfoodandfibre.servicedeskplus.net.auA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:21.931782961 CEST192.168.2.41.1.1.10xa724Standard query (0)australianfoodandfibre.servicedeskplus.net.au65IN (0x0001)false
                                    Aug 29, 2024 06:42:22.939116001 CEST192.168.2.41.1.1.10x36dcStandard query (0)australianfoodandfibre.servicedeskplus.net.auA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:24.729903936 CEST192.168.2.41.1.1.10x2be8Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:24.730417967 CEST192.168.2.41.1.1.10x4566Standard query (0)www.google.com65IN (0x0001)false
                                    Aug 29, 2024 06:42:25.365690947 CEST192.168.2.41.1.1.10x7550Standard query (0)accounts.zoho.com.auA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:25.366266966 CEST192.168.2.41.1.1.10xb97fStandard query (0)accounts.zoho.com.au65IN (0x0001)false
                                    Aug 29, 2024 06:42:26.819571972 CEST192.168.2.41.1.1.10xe7b2Standard query (0)login.microsoftonline.comA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:26.820152998 CEST192.168.2.41.1.1.10x7788Standard query (0)login.microsoftonline.com65IN (0x0001)false
                                    Aug 29, 2024 06:42:30.443721056 CEST192.168.2.41.1.1.10x692bStandard query (0)identity.nel.measure.office.netA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.443984985 CEST192.168.2.41.1.1.10xa5e7Standard query (0)identity.nel.measure.office.net65IN (0x0001)false
                                    Aug 29, 2024 06:42:30.979152918 CEST192.168.2.41.1.1.10x97d2Standard query (0)aadcdn.msftauth.netA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.979762077 CEST192.168.2.41.1.1.10x39c4Standard query (0)aadcdn.msftauth.net65IN (0x0001)false
                                    Aug 29, 2024 06:42:34.914331913 CEST192.168.2.41.1.1.10x5369Standard query (0)aadcdn.msauthimages.netA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.914331913 CEST192.168.2.41.1.1.10x4fcaStandard query (0)aadcdn.msauthimages.net65IN (0x0001)false
                                    Aug 29, 2024 06:42:34.966615915 CEST192.168.2.41.1.1.10xbfbeStandard query (0)autologon.microsoftazuread-sso.com65IN (0x0001)false
                                    Aug 29, 2024 06:42:34.966615915 CEST192.168.2.41.1.1.10x6bc4Standard query (0)autologon.microsoftazuread-sso.comA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.492667913 CEST192.168.2.41.1.1.10x196bStandard query (0)aadcdn.msauthimages.netA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.493066072 CEST192.168.2.41.1.1.10xe1b7Standard query (0)aadcdn.msauthimages.net65IN (0x0001)false
                                    Aug 29, 2024 06:42:37.817349911 CEST192.168.2.41.1.1.10x3433Standard query (0)login.microsoftonline.comA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.817624092 CEST192.168.2.41.1.1.10x7ab0Standard query (0)login.microsoftonline.com65IN (0x0001)false
                                    Aug 29, 2024 06:43:31.376302004 CEST192.168.2.41.1.1.10xc65Standard query (0)identity.nel.measure.office.netA (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:43:31.376720905 CEST192.168.2.41.1.1.10xec33Standard query (0)identity.nel.measure.office.net65IN (0x0001)false

                                    DNS Answers

                                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                    Aug 29, 2024 06:42:22.215179920 CEST1.1.1.1192.168.2.40xa724No error (0)australianfoodandfibre.servicedeskplus.net.auzs-au1-lc1-h2.servicedeskplus.net.auCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:22.952677965 CEST1.1.1.1192.168.2.40x26d1No error (0)australianfoodandfibre.servicedeskplus.net.auzs-au1-lc1-h2.servicedeskplus.net.auCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:22.952677965 CEST1.1.1.1192.168.2.40x26d1No error (0)zs-au1-lc1-h2.servicedeskplus.net.au103.138.128.66A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:22.969860077 CEST1.1.1.1192.168.2.40x36dcNo error (0)australianfoodandfibre.servicedeskplus.net.auzs-au1-lc1-h2.servicedeskplus.net.auCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:22.969860077 CEST1.1.1.1192.168.2.40x36dcNo error (0)zs-au1-lc1-h2.servicedeskplus.net.au103.138.128.66A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:24.736821890 CEST1.1.1.1192.168.2.40x2be8No error (0)www.google.com142.250.186.164A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:24.736922026 CEST1.1.1.1192.168.2.40x4566No error (0)www.google.com65IN (0x0001)false
                                    Aug 29, 2024 06:42:25.388065100 CEST1.1.1.1192.168.2.40x7550No error (0)accounts.zoho.com.auzs-au1-lc1-h2.zoho.com.auCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:25.388065100 CEST1.1.1.1192.168.2.40x7550No error (0)zs-au1-lc1-h2.zoho.com.au103.138.128.66A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:25.392081976 CEST1.1.1.1192.168.2.40xb97fNo error (0)accounts.zoho.com.auzs-au1-lc1-h2.zoho.com.auCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:26.826173067 CEST1.1.1.1192.168.2.40xe7b2No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:26.826878071 CEST1.1.1.1192.168.2.40x7788No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:28.472161055 CEST1.1.1.1192.168.2.40xbeedNo error (0)shed.dual-low.s-part-0045.t-0009.t-msedge.nets-part-0045.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:28.472161055 CEST1.1.1.1192.168.2.40xbeedNo error (0)s-part-0045.t-0009.t-msedge.net13.107.246.73A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:29.368508101 CEST1.1.1.1192.168.2.40x7cc9No error (0)shed.dual-low.s-part-0032.t-0009.t-msedge.nets-part-0032.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:29.368508101 CEST1.1.1.1192.168.2.40x7cc9No error (0)s-part-0032.t-0009.t-msedge.net13.107.246.60A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.450885057 CEST1.1.1.1192.168.2.40x692bNo error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.451307058 CEST1.1.1.1192.168.2.40xa5e7No error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.986397982 CEST1.1.1.1192.168.2.40x97d2No error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.986397982 CEST1.1.1.1192.168.2.40x97d2No error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.986397982 CEST1.1.1.1192.168.2.40x97d2No error (0)sni1gl.wpc.omegacdn.net152.199.21.175A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.986993074 CEST1.1.1.1192.168.2.40x39c4No error (0)aadcdn.msftauth.netscdn38e6f.wpc.9be8f.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:30.986993074 CEST1.1.1.1192.168.2.40x39c4No error (0)scdn38e6f.wpc.9be8f.omegacdn.netsni1gl.wpc.omegacdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.922454119 CEST1.1.1.1192.168.2.40x4fcaNo error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.922454119 CEST1.1.1.1192.168.2.40x4fcaNo error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.922684908 CEST1.1.1.1192.168.2.40x5369No error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.922684908 CEST1.1.1.1192.168.2.40x5369No error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.922684908 CEST1.1.1.1192.168.2.40x5369No error (0)sni1gl.wpc.upsiloncdn.net152.199.21.175A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.28.18A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.7.32A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com20.190.135.2A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.28.14A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.28.12A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.28.11A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.28.21A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:34.973232985 CEST1.1.1.1192.168.2.40x6bc4No error (0)autologon.microsoftazuread-sso.com40.126.28.13A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:36.250437975 CEST1.1.1.1192.168.2.40x75ebNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:36.250437975 CEST1.1.1.1192.168.2.40x75ebNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.499418020 CEST1.1.1.1192.168.2.40x196bNo error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.499418020 CEST1.1.1.1192.168.2.40x196bNo error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.499418020 CEST1.1.1.1192.168.2.40x196bNo error (0)sni1gl.wpc.upsiloncdn.net152.199.21.175A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.500112057 CEST1.1.1.1192.168.2.40xe1b7No error (0)aadcdn.msauthimages.netaadcdn.azureedge.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.500112057 CEST1.1.1.1192.168.2.40xe1b7No error (0)scdn3514c.wpc.9e730.upsiloncdn.netsni1gl.wpc.upsiloncdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.824044943 CEST1.1.1.1192.168.2.40x3433No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.824119091 CEST1.1.1.1192.168.2.40x7ab0No error (0)login.microsoftonline.comlogin.mso.msidentity.comCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.858344078 CEST1.1.1.1192.168.2.40x20eeNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:37.858344078 CEST1.1.1.1192.168.2.40x20eeNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:42:50.121084929 CEST1.1.1.1192.168.2.40xb00cNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:42:50.121084929 CEST1.1.1.1192.168.2.40xb00cNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:43:13.571630001 CEST1.1.1.1192.168.2.40x3a5dNo error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:43:13.571630001 CEST1.1.1.1192.168.2.40x3a5dNo error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
                                    Aug 29, 2024 06:43:31.383416891 CEST1.1.1.1192.168.2.40xc65No error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                    Aug 29, 2024 06:43:31.387164116 CEST1.1.1.1192.168.2.40xec33No error (0)identity.nel.measure.office.netnel.measure.office.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false

                                    HTTP Request Dependency Graph

                                    • australianfoodandfibre.servicedeskplus.net.au
                                    • accounts.zoho.com.au
                                    • fs.microsoft.com
                                    • https:
                                      • aadcdn.msauth.net
                                      • autologon.microsoftazuread-sso.com
                                      • aadcdn.msauthimages.net

                                    HTTPS Proxied Packets

                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    0192.168.2.449736103.138.128.664434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:24 UTC734OUTGET /app/itdesk/ui/requests/867000003351579/details HTTP/1.1
                                    Host: australianfoodandfibre.servicedeskplus.net.au
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Upgrade-Insecure-Requests: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: navigate
                                    Sec-Fetch-User: ?1
                                    Sec-Fetch-Dest: document
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:24 UTC731INHTTP/1.1 302
                                    Server: ZGS
                                    Date: Thu, 29 Aug 2024 04:42:24 GMT
                                    Content-Length: 0
                                    Connection: close
                                    Set-Cookie: zalb_d63ded2016=771e32d61209a8f8d2cb5ace3045233c; Path=/
                                    X-Content-Type-Options: nosniff
                                    Set-Cookie: sdpcscook=57798b93-f060-4609-b778-23fedd8ad93b;path=/;SameSite=None;Secure;priority=high
                                    Set-Cookie: _zcsr_tmp=57798b93-f060-4609-b778-23fedd8ad93b;path=/;SameSite=Strict;Secure;priority=high
                                    Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
                                    Pragma: no-cache
                                    Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                    Location: https://australianfoodandfibre.servicedeskplus.net.au/Login.jsp?serviceurl=%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails
                                    Strict-Transport-Security: max-age=63072000


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    1192.168.2.449735103.138.128.664434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:24 UTC922OUTGET /Login.jsp?serviceurl=%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails HTTP/1.1
                                    Host: australianfoodandfibre.servicedeskplus.net.au
                                    Connection: keep-alive
                                    Upgrade-Insecure-Requests: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: navigate
                                    Sec-Fetch-User: ?1
                                    Sec-Fetch-Dest: document
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    Cookie: zalb_d63ded2016=771e32d61209a8f8d2cb5ace3045233c; sdpcscook=57798b93-f060-4609-b778-23fedd8ad93b; _zcsr_tmp=57798b93-f060-4609-b778-23fedd8ad93b
                                    2024-08-29 04:42:24 UTC655INHTTP/1.1 302
                                    Server: ZGS
                                    Date: Thu, 29 Aug 2024 04:42:24 GMT
                                    Content-Type: text/html;charset=UTF-8
                                    Content-Length: 0
                                    Connection: close
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: SAMEORIGIN
                                    X-SDPOD-Version: 1946
                                    Set-Cookie: JSESSIONID=C58AFEA8DDC5C48B97DFD93FAB881EA3; Path=/; Secure; HttpOnly
                                    LOGIN_PAGE_URL: /HomePage.do
                                    Location: https://accounts.zoho.com.au/samlauthrequest/aff-limited.com.au?serviceurl=https%3A%2F%2Faustralianfoodandfibre.servicedeskplus.net.au%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails&servicename=SDPOnDemand&portal_id=7001242490&hide_signup=false
                                    Strict-Transport-Security: max-age=63072000


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    2192.168.2.449740184.28.90.27443
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:26 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                    Connection: Keep-Alive
                                    Accept: */*
                                    Accept-Encoding: identity
                                    User-Agent: Microsoft BITS/7.8
                                    Host: fs.microsoft.com
                                    2024-08-29 04:42:26 UTC467INHTTP/1.1 200 OK
                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                    Content-Type: application/octet-stream
                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                    Server: ECAcc (lpl/EF06)
                                    X-CID: 11
                                    X-Ms-ApiVersion: Distribute 1.2
                                    X-Ms-Region: prod-weu-z1
                                    Cache-Control: public, max-age=190467
                                    Date: Thu, 29 Aug 2024 04:42:26 GMT
                                    Connection: close
                                    X-CID: 2


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    3192.168.2.449741103.138.128.664434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:26 UTC890OUTGET /samlauthrequest/aff-limited.com.au?serviceurl=https%3A%2F%2Faustralianfoodandfibre.servicedeskplus.net.au%2Fapp%2Fitdesk%2Fui%2Frequests%2F867000003351579%2Fdetails&servicename=SDPOnDemand&portal_id=7001242490&hide_signup=false HTTP/1.1
                                    Host: accounts.zoho.com.au
                                    Connection: keep-alive
                                    Upgrade-Insecure-Requests: 1
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: navigate
                                    Sec-Fetch-User: ?1
                                    Sec-Fetch-Dest: document
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:26 UTC1656INHTTP/1.1 302
                                    Server: ZGS
                                    Date: Thu, 29 Aug 2024 04:42:26 GMT
                                    Content-Type: text/html;charset=UTF-8
                                    Content-Length: 0
                                    Connection: close
                                    Set-Cookie: zalb_3e285c6f31=3abffb16f2a0ae3216f140ff23e68001; Path=/
                                    X-Content-Type-Options: nosniff
                                    Set-Cookie: iamcsr=8256402e-3412-47d7-a510-f344a65c065b;path=/;SameSite=None;Secure;priority=high
                                    Set-Cookie: _zcsr_tmp=8256402e-3412-47d7-a510-f344a65c065b;path=/;SameSite=Strict;Secure;priority=high
                                    Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
                                    Pragma: no-cache
                                    Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                    X-Frame-Options: SAMEORIGIN
                                    P3P: CP="CAO PSA OUR"
                                    Set-Cookie: _scp_tmp=; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Path=/; Secure; SameSite=None
                                    Location: https://login.microsoftonline.com/b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/saml2?SAMLRequest=fVLbjpswEP0V5HfAGAMbK0SiG1WNtG3RJu3DvlTGDIklsKnHpJevL7DdVaSq%2B3rGc27jLcqhH0U1%2BYt5hO8ToA9%2BDr1BsQ5KMjkjrESNwsgBUHgljtXHB8EiKkZnvVW2J8FhX5JvjbrLoMnyjvKUd63aNHLDgaa8UG3BcpoUjG9oToKv4FBbU5KZZN5FnOBg0EvjZ4gyHtK7kG1OlAvOBMujPEufSPDeOgWr0ZJ0skdYVmuJqK%2FwitR%2FLb3TptXm%2FLb%2F5vkRig%2BnUx3Wn48nElSI4Pzs7t4anAZwR3BXreDL40NJLt6PKOJYKmUn4zH6bS82UnaI5BSjPhtt4qU3HOOC0oTxJTAJ9nOr2ki%2FZn7h6O1Zm2jQylm0nbem1wYWrrhhsmhYkoRZxpqQdyoLZUvbsEmzJpUsLSCFVYatea%2B6BfdpDleSp9kO2W2XmVhrdTfHfLsL%2BZKb7G5CbeMbrmfiUSxah31te61%2BBVXf2x%2F3DqSf9b2bYD3UIP3%2F5ZIoWRHdht36VMAgdV%2B1rQPE2X%2F8r84rePtTd38A&RelayState=aHR0cHM6Ly9hdXN0cmFsaWFuZm9vZGFuZGZpYnJlLnNlcnZpY2VkZXNrcGx1cy5uZXQuYXUvYXBwL2l0ZGVzay91aS9yZXF1ZXN0cy84NjcwMDAwMDMzNTE1NzkvZGV0YWlsc19fSUFNX19TRFBPbkRlbWFuZF9fSUFNX19fX0lBTV9fZmFsc2U%3D
                                    Strict-Transport-Security: max-age=63072000


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    4192.168.2.449742184.28.90.27443
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:26 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                    Connection: Keep-Alive
                                    Accept: */*
                                    Accept-Encoding: identity
                                    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                    Range: bytes=0-2147483646
                                    User-Agent: Microsoft BITS/7.8
                                    Host: fs.microsoft.com
                                    2024-08-29 04:42:27 UTC515INHTTP/1.1 200 OK
                                    ApiVersion: Distribute 1.1
                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                    Content-Type: application/octet-stream
                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                    Server: ECAcc (lpl/EF06)
                                    X-CID: 11
                                    X-Ms-ApiVersion: Distribute 1.2
                                    X-Ms-Region: prod-weu-z1
                                    Cache-Control: public, max-age=190419
                                    Date: Thu, 29 Aug 2024 04:42:27 GMT
                                    Content-Length: 55
                                    Connection: close
                                    X-CID: 2
                                    2024-08-29 04:42:27 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                    Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    5192.168.2.44974413.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:29 UTC633OUTGET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    Origin: https://login.microsoftonline.com
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:29 UTC818INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:29 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 49804
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Mon, 05 Aug 2024 15:32:28 GMT
                                    ETag: 0x8DCB563D09FF90F
                                    x-ms-request-id: 55534830-d01e-0036-3c4f-f9718b000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044229Z-16579567576fh7f86y3uqsyhx0000000015g00000000m3mq
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    X-Cache-Info: L1_T2
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:29 UTC15566INData Raw: 1f 8b 08 00 00 00 00 00 04 00 e4 bd 6d 5b e3 38 d2 30 fa fd fe 15 c1 bb 0f 1d 4f 4c c8 0b d0 e0 b4 3b 77 1a e8 6e 66 80 30 04 66 66 17 58 2e 27 56 c0 dd c1 ce da 0e 34 13 72 7e fb a9 17 c9 96 1d 87 ee d9 3d d7 f9 f2 cc 0b b1 a5 92 2c 95 aa 4a 55 a5 92 b4 f9 d3 da ff 54 7e aa 6c fc f8 3f 95 c1 45 ef fc a2 d2 ff 58 b9 f8 7c 74 7e 50 39 83 b7 7f 54 4e fb 17 47 fb 87 3f 5e 0f 7e 14 ff bf b8 f7 e3 ca d8 9f 88 0a fc 0e dd 58 78 95 30 a8 84 51 c5 0f 46 61 34 0d 23 37 11 71 e5 01 fe 46 be 3b a9 8c a3 f0 a1 92 dc 8b ca 34 0a bf 88 51 12 57 26 7e 9c 40 a1 a1 98 84 4f 95 2a 54 17 79 95 33 37 4a 9e 2b 47 67 66 1d ea 17 50 9b 7f e7 07 50 7a 14 4e 9f e1 f9 3e a9 04 61 e2 8f 44 c5 0d 3c aa 6d 02 2f 41 2c 2a b3 c0 13 51 e5 e9 de 1f dd 57 4e fc 51 14 c6 e1 38 a9 44 62 24
                                    Data Ascii: m[80OL;wnf0ffX.'V4r~=,JUT~l?EX|t~P9TNG?^~Xx0QFa4#7qF;4QW&~@O*Ty37J+GgfPPzN>aD<m/A,*QWNQ8Db$
                                    2024-08-29 04:42:29 UTC16384INData Raw: 39 ce 05 9e bd 43 1a 07 3e e0 59 bf e7 e2 51 a8 73 30 56 ec 10 a1 fe a6 75 c8 0d 27 1c c8 cc 3b 47 70 68 d3 97 de 38 51 da 2b 6d ae c3 c3 92 66 30 2c c7 e2 0e a7 d6 2d 0d 94 23 88 9f 19 2d 1f 22 de b2 95 e2 e1 43 fe ba 22 db f8 db c7 de c7 bd 8f bb 46 5e a9 e2 79 8b bb 39 80 f2 13 69 1c da 46 ac bd 01 17 40 95 be ca 7a c8 5e 78 9e 4e f0 34 2a 49 07 20 d2 55 18 4e aa f9 a9 79 19 46 01 fd be 74 21 2c 48 25 ed 0b d8 5c e1 21 97 5b fb 1f fa e7 08 c5 f1 db 24 52 d4 24 94 ea 86 a0 ac 71 9b a5 70 df 6e 64 32 7d bb 49 7e 1c 3a 35 86 3a 0b bc 11 b9 bc 63 53 13 db b6 21 b2 17 b6 8c 6c 3a de c8 b0 48 30 1a 78 e1 93 b1 f2 84 d9 a0 da 32 3b 49 9d 0e a3 ba 0c c0 20 f1 60 44 0e bf e1 b1 1f 00 db 07 eb f8 0b 93 7a ee 80 51 71 65 d0 f1 46 c6 4d b5 e4 80 4a d1 c1 db 33 01
                                    Data Ascii: 9C>YQs0Vu';Gph8Q+mf0,-#-"C"F^y9iF@z^xN4*I UNyFt!,H%\![$R$qpnd2}I~:5:cS!l:H0x2;I `DzQqeFMJ3
                                    2024-08-29 04:42:29 UTC16384INData Raw: 6a cd f9 76 21 34 7e 0a 9b e9 a1 b3 3a b4 f9 ab b6 41 4a 73 39 49 49 78 a3 6d 90 4f f2 d1 5f e3 49 57 25 53 20 30 da 2c 5f 9e fb be 25 d9 53 ac e2 06 6d fc 67 4d 28 10 b5 f0 53 88 c0 7e 3e c3 5e b0 96 88 a4 6a 56 81 ac 3c e2 4c 74 3e 79 ed bb 38 fd f9 09 7e 74 9f 32 42 c7 41 04 97 ac e7 a6 59 52 fe 59 8b 9a b4 f3 4a 8b b4 d6 10 bd d9 0f af 84 78 1b c9 34 c0 e1 99 a8 cd 23 a0 ce 8d b4 0e 00 99 43 46 38 aa 5e e1 a4 f2 b1 1e 2b 7f d5 16 32 3e 8d f2 99 ec b5 f7 ea 3d de 6a 55 6b ab 45 a6 da 10 6c 86 da dd 41 0a 35 3a 57 9c 6d af f8 17 dd 86 fe 9a 8f 67 27 ed 3a 5b 96 b7 fe 68 25 95 d8 2b b0 d4 b5 c8 c6 c9 ae 2d 62 2a 76 b4 6a a4 5b 48 7c 83 75 29 d5 f1 80 c1 6d 15 f3 46 e2 9d 67 bd 75 10 d5 0f fa 52 85 d6 65 ac 67 bd 66 c1 72 a4 33 6d ea 5c 99 93 86 6e a9 fd
                                    Data Ascii: jv!4~:AJs9IIxmO_IW%S 0,_%SmgM(S~>^jV<Lt>y8~t2BAYRYJx4#CF8^+2>=jUkElA5:Wmg':[h%+-b*vj[H|u)mFguRegfr3m\n
                                    2024-08-29 04:42:29 UTC1470INData Raw: 8a 48 6d df 91 4c 54 19 a7 6a 04 24 62 96 25 0b 24 d4 c0 a5 a6 45 2f 63 f8 e4 e0 0e d0 f4 68 6c d8 37 44 70 d3 c6 9c 6a 8d 33 2e 82 62 3b 12 9c f1 56 32 89 89 b7 1c f8 4d 92 80 1d 13 a3 81 6b 0f 74 b0 f6 84 70 e9 e9 2c 49 af 92 78 a0 74 57 ec ad 25 df 18 38 c3 d4 53 29 e6 ae 8e 8b 93 b1 d2 56 e2 b7 bf 85 b6 94 6e 6e da cf 4a 54 d6 75 6d ac a3 fc 6d 23 e6 09 04 32 6d 06 4d 28 cf 16 35 28 24 8a d7 e3 11 0c 87 53 1f 83 11 24 c4 fc c3 89 41 42 39 c4 98 16 56 9e 4f 6d b3 c6 ef 84 26 af d9 dd a3 84 63 8c fa 7b eb 2a bd af dc 00 b7 88 03 05 8e ec fa fd 82 bd 9f 8c 0b 40 5f cc ab 16 c9 2c 13 c1 24 45 9b f2 c5 95 32 0f ac 16 0c f7 e9 05 a9 ed 10 12 2b 87 10 71 c9 25 6e 4c d0 b4 d8 26 e3 b3 13 af d7 74 bb 7d 5f d3 95 83 db 5b 37 ea 39 ca bb f7 00 bc c7 7d 71 70 80
                                    Data Ascii: HmLTj$b%$E/chl7Dpj3.b;V2Mktp,IxtW%8S)VnnJTumm#2mM(5($S$AB9VOm&c{*@_,$E2+q%nL&t}_[79}qp


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    6192.168.2.44974713.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:30 UTC408OUTGET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:30 UTC818INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:30 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 49804
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Mon, 05 Aug 2024 15:32:28 GMT
                                    ETag: 0x8DCB563D09FF90F
                                    x-ms-request-id: 55534830-d01e-0036-3c4f-f9718b000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044230Z-165795675767jvm9z21nmtw4wn0000000180000000004bzx
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    X-Cache-Info: L1_T2
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:30 UTC15566INData Raw: 1f 8b 08 00 00 00 00 00 04 00 e4 bd 6d 5b e3 38 d2 30 fa fd fe 15 c1 bb 0f 1d 4f 4c c8 0b d0 e0 b4 3b 77 1a e8 6e 66 80 30 04 66 66 17 58 2e 27 56 c0 dd c1 ce da 0e 34 13 72 7e fb a9 17 c9 96 1d 87 ee d9 3d d7 f9 f2 cc 0b b1 a5 92 2c 95 aa 4a 55 a5 92 b4 f9 d3 da ff 54 7e aa 6c fc f8 3f 95 c1 45 ef fc a2 d2 ff 58 b9 f8 7c 74 7e 50 39 83 b7 7f 54 4e fb 17 47 fb 87 3f 5e 0f 7e 14 ff bf b8 f7 e3 ca d8 9f 88 0a fc 0e dd 58 78 95 30 a8 84 51 c5 0f 46 61 34 0d 23 37 11 71 e5 01 fe 46 be 3b a9 8c a3 f0 a1 92 dc 8b ca 34 0a bf 88 51 12 57 26 7e 9c 40 a1 a1 98 84 4f 95 2a 54 17 79 95 33 37 4a 9e 2b 47 67 66 1d ea 17 50 9b 7f e7 07 50 7a 14 4e 9f e1 f9 3e a9 04 61 e2 8f 44 c5 0d 3c aa 6d 02 2f 41 2c 2a b3 c0 13 51 e5 e9 de 1f dd 57 4e fc 51 14 c6 e1 38 a9 44 62 24
                                    Data Ascii: m[80OL;wnf0ffX.'V4r~=,JUT~l?EX|t~P9TNG?^~Xx0QFa4#7qF;4QW&~@O*Ty37J+GgfPPzN>aD<m/A,*QWNQ8Db$
                                    2024-08-29 04:42:30 UTC16384INData Raw: 39 ce 05 9e bd 43 1a 07 3e e0 59 bf e7 e2 51 a8 73 30 56 ec 10 a1 fe a6 75 c8 0d 27 1c c8 cc 3b 47 70 68 d3 97 de 38 51 da 2b 6d ae c3 c3 92 66 30 2c c7 e2 0e a7 d6 2d 0d 94 23 88 9f 19 2d 1f 22 de b2 95 e2 e1 43 fe ba 22 db f8 db c7 de c7 bd 8f bb 46 5e a9 e2 79 8b bb 39 80 f2 13 69 1c da 46 ac bd 01 17 40 95 be ca 7a c8 5e 78 9e 4e f0 34 2a 49 07 20 d2 55 18 4e aa f9 a9 79 19 46 01 fd be 74 21 2c 48 25 ed 0b d8 5c e1 21 97 5b fb 1f fa e7 08 c5 f1 db 24 52 d4 24 94 ea 86 a0 ac 71 9b a5 70 df 6e 64 32 7d bb 49 7e 1c 3a 35 86 3a 0b bc 11 b9 bc 63 53 13 db b6 21 b2 17 b6 8c 6c 3a de c8 b0 48 30 1a 78 e1 93 b1 f2 84 d9 a0 da 32 3b 49 9d 0e a3 ba 0c c0 20 f1 60 44 0e bf e1 b1 1f 00 db 07 eb f8 0b 93 7a ee 80 51 71 65 d0 f1 46 c6 4d b5 e4 80 4a d1 c1 db 33 01
                                    Data Ascii: 9C>YQs0Vu';Gph8Q+mf0,-#-"C"F^y9iF@z^xN4*I UNyFt!,H%\![$R$qpnd2}I~:5:cS!l:H0x2;I `DzQqeFMJ3
                                    2024-08-29 04:42:30 UTC16384INData Raw: 6a cd f9 76 21 34 7e 0a 9b e9 a1 b3 3a b4 f9 ab b6 41 4a 73 39 49 49 78 a3 6d 90 4f f2 d1 5f e3 49 57 25 53 20 30 da 2c 5f 9e fb be 25 d9 53 ac e2 06 6d fc 67 4d 28 10 b5 f0 53 88 c0 7e 3e c3 5e b0 96 88 a4 6a 56 81 ac 3c e2 4c 74 3e 79 ed bb 38 fd f9 09 7e 74 9f 32 42 c7 41 04 97 ac e7 a6 59 52 fe 59 8b 9a b4 f3 4a 8b b4 d6 10 bd d9 0f af 84 78 1b c9 34 c0 e1 99 a8 cd 23 a0 ce 8d b4 0e 00 99 43 46 38 aa 5e e1 a4 f2 b1 1e 2b 7f d5 16 32 3e 8d f2 99 ec b5 f7 ea 3d de 6a 55 6b ab 45 a6 da 10 6c 86 da dd 41 0a 35 3a 57 9c 6d af f8 17 dd 86 fe 9a 8f 67 27 ed 3a 5b 96 b7 fe 68 25 95 d8 2b b0 d4 b5 c8 c6 c9 ae 2d 62 2a 76 b4 6a a4 5b 48 7c 83 75 29 d5 f1 80 c1 6d 15 f3 46 e2 9d 67 bd 75 10 d5 0f fa 52 85 d6 65 ac 67 bd 66 c1 72 a4 33 6d ea 5c 99 93 86 6e a9 fd
                                    Data Ascii: jv!4~:AJs9IIxmO_IW%S 0,_%SmgM(S~>^jV<Lt>y8~t2BAYRYJx4#CF8^+2>=jUkElA5:Wmg':[h%+-b*vj[H|u)mFguRegfr3m\n
                                    2024-08-29 04:42:30 UTC1470INData Raw: 8a 48 6d df 91 4c 54 19 a7 6a 04 24 62 96 25 0b 24 d4 c0 a5 a6 45 2f 63 f8 e4 e0 0e d0 f4 68 6c d8 37 44 70 d3 c6 9c 6a 8d 33 2e 82 62 3b 12 9c f1 56 32 89 89 b7 1c f8 4d 92 80 1d 13 a3 81 6b 0f 74 b0 f6 84 70 e9 e9 2c 49 af 92 78 a0 74 57 ec ad 25 df 18 38 c3 d4 53 29 e6 ae 8e 8b 93 b1 d2 56 e2 b7 bf 85 b6 94 6e 6e da cf 4a 54 d6 75 6d ac a3 fc 6d 23 e6 09 04 32 6d 06 4d 28 cf 16 35 28 24 8a d7 e3 11 0c 87 53 1f 83 11 24 c4 fc c3 89 41 42 39 c4 98 16 56 9e 4f 6d b3 c6 ef 84 26 af d9 dd a3 84 63 8c fa 7b eb 2a bd af dc 00 b7 88 03 05 8e ec fa fd 82 bd 9f 8c 0b 40 5f cc ab 16 c9 2c 13 c1 24 45 9b f2 c5 95 32 0f ac 16 0c f7 e9 05 a9 ed 10 12 2b 87 10 71 c9 25 6e 4c d0 b4 d8 26 e3 b3 13 af d7 74 bb 7d 5f d3 95 83 db 5b 37 ea 39 ca bb f7 00 bc c7 7d 71 70 80
                                    Data Ascii: HmLTj$b%$E/chl7Dpj3.b;V2Mktp,IxtW%8S)VnnJTumm#2mM(5($S$AB9VOm&c{*@_,$E2+q%nL&t}_[79}qp


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    7192.168.2.44975113.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:31 UTC658OUTGET /ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    Origin: https://login.microsoftonline.com
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: text/css,*/*;q=0.1
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: style
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:31 UTC781INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:31 GMT
                                    Content-Type: text/css
                                    Content-Length: 20414
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Wed, 03 Jul 2024 21:48:08 GMT
                                    ETag: 0x8DC9BA9D4131BFD
                                    x-ms-request-id: 4046b71e-301e-0063-4e4a-f96100000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044231Z-16579567576c4hpgz3uh2pbn5g00000001b000000000am1f
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:31 UTC15603INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ed 7d 6b 73 e3 36 b2 e8 f7 f9 15 5c a7 52 3b ce 4a 8c 48 3d 2d 57 52 3b 99 cc 26 3e 67 5e 35 33 d9 47 a5 52 5b b4 44 59 3c 43 89 ba 24 65 8f 57 47 ff fd e2 8d 06 d0 20 29 8f b3 d9 7b 2b 27 67 13 0b dd 6c 00 dd 8d 06 1a e8 06 be fe ea 0f c1 f3 62 77 5f 66 37 eb 3a 78 fa fc 3c 78 95 2d ca a2 2a 56 35 29 2f 77 45 99 d4 59 b1 0d 83 67 79 1e 30 a4 2a 28 d3 2a 2d 6f d3 65 18 7c f5 f5 d7 5f fd e1 49 bf fb ff 05 ef 3f 3c 7b f7 21 78 f3 97 e0 c3 8f 57 ef be 0f de 92 5f ff 08 5e bf f9 70 f5 fc 45 d0 99 ca 93 27 1f d6 59 15 ac b2 3c 0d c8 7f af 93 2a 5d 06 c5 36 28 ca 20 db 2e 44 ab d3 2a d8 90 7f 97 59 92 07 ab b2 d8 04 f5 3a 0d 76 65 f1 3f e9 82 f4 21 cf aa 9a 7c 74 9d e6 c5 5d f0 94 90 2b 97 c1 db a4 ac ef 83 ab b7 e7 61 f0 81 e0 16
                                    Data Ascii: }ks6\R;JH=-WR;&>g^53GR[DY<C$eWG ){+'glbw_f7:x<x-*V5)/wEYgy0*(*-oe|_I?<{!xW_^pE'Y<*]6( .D*Y:ve?!|t]+a
                                    2024-08-29 04:42:31 UTC4811INData Raw: e7 bc b1 e2 92 61 7d df b0 68 ac ab 2c aa b1 88 da cb c6 22 89 f4 a2 b1 42 53 1e da 58 e7 55 1e b5 fb a5 96 31 c6 85 9c 5c 95 58 0f 77 34 04 a7 bc ef e9 bc 62 55 e4 cb 9d 46 11 60 f2 34 8a 20 ba 0a e1 1d 2d b3 ba 41 d4 6a 33 50 25 58 6c a8 15 02 68 eb 56 83 ba b5 a0 21 5d f4 aa e1 60 30 5e 26 13 b7 4f 5a e3 0c 32 50 fb 10 40 6b 9f fc 5a d9 82 86 f5 c9 a7 ad bc 4f 0f 53 c6 3e 8f 75 ef 81 fb bb e5 60 13 bf d0 d1 86 c0 d4 70 43 60 72 bc 81 ca 0c ee 7b ca cd 06 61 90 56 01 34 34 b4 0d 0f 13 81 b8 e1 dc 70 52 d0 d3 64 f3 b6 df 8a 2c 1c d2 a7 e1 c5 ec 1c b9 2b 18 00 b1 42 22 26 de 7d 9d 59 8d 1f 8e 83 89 00 6e 65 8f 64 aa a2 fc c3 d8 65 70 5f b6 f7 9c 65 7e ea 83 9d 2c f7 31 10 e4 08 df ce 47 c4 df 33 f4 3c 40 c9 2e 2b 17 af 8a ce 37 c9 36 db ed 73 c6 5e f7 a6
                                    Data Ascii: a}h,"BSXU1\Xw4bUF`4 -Aj3P%XlhV!]`0^&OZ2P@kZOS>u`pC`r{aV44pRd,+B"&}Ynedep_e~,1G3<@.+76s^


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    8192.168.2.44975213.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:31 UTC635OUTGET /shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    Origin: https://login.microsoftonline.com
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:31 UTC798INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:31 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 122157
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Mon, 05 Aug 2024 15:32:30 GMT
                                    ETag: 0x8DCB563D185FB49
                                    x-ms-request-id: 849b7260-401e-0037-6e1d-f911fa000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044231Z-16579567576rhxz5kgqdm3tfq000000001bg00000000par5
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:31 UTC15586INData Raw: 1f 8b 08 00 00 00 00 00 04 00 e4 bd 7b 57 e3 48 92 38 fa ff fd 14 46 33 97 b6 1b e1 92 fc 02 8b 56 b3 c6 40 15 d3 80 19 4c 55 f7 2c c5 70 64 29 6d d4 c8 92 57 92 79 8c f1 7e f6 5f 44 64 a6 94 b2 65 aa 6a 76 cf bd e7 9e db 3b 5b 58 99 91 af c8 c8 c8 88 c8 c8 c8 0f 3f 6f fd 5f 95 9f 2b bb df ff 5f 65 78 d3 bb be a9 0c 4e 2b 37 9f ce ae 8f 2b 57 f0 f5 8f ca e5 e0 e6 ac 7f f2 fd f5 60 a3 f8 ff 37 0f 7e 52 19 fb 01 ab c0 df 91 93 30 af 12 85 95 28 ae f8 a1 1b c5 b3 28 76 52 96 54 a6 f0 6f ec 3b 41 65 1c 47 d3 4a fa c0 2a b3 38 fa 93 b9 69 52 09 fc 24 85 42 23 16 44 cf 95 2a 54 17 7b 95 2b 27 4e 5f 2b 67 57 b5 3a d4 cf a0 36 7f e2 87 50 da 8d 66 af f0 fb 21 ad 84 51 ea bb ac e2 84 1e d5 16 c0 47 98 b0 ca 3c f4 58 5c 79 7e f0 dd 87 ca 85 ef c6 51 12 8d d3 4a cc
                                    Data Ascii: {WH8F3V@LU,pd)mWy~_Ddejv;[X?o_+_exN+7+W`7~R0((vRTo;AeGJ*8iR$B#D*T{+'N_+gW:6Pf!QG<X\y~QJ
                                    2024-08-29 04:42:31 UTC16384INData Raw: e7 df 29 77 61 a8 aa 85 66 8c 3d 56 b9 f2 8a 13 86 16 b2 e9 0c 6f 67 70 f7 12 bb 6c cf 01 9e 02 80 83 7c 30 2c af b0 f6 0d 93 d3 41 6e df f0 a5 27 ee 7b d3 a6 a3 09 c0 44 13 80 50 f9 41 fa 16 17 7e f3 19 4b 56 ca a1 fe 8e 1e 28 a0 30 1d 3b f1 63 7e 35 1f 7d 3f 0b de 71 47 e8 b3 45 fe 86 78 e3 60 35 f7 77 f4 dd 52 72 d7 ea b3 1d 14 9b d0 9f 95 ae 69 5c e2 95 66 d8 43 ea 1e 40 e5 29 a9 ae d0 2d ac f1 78 83 8b 1e b3 e3 7a 99 2b 64 b5 f6 5e bf 85 df 19 6e a3 ef 0d 40 38 a2 21 d8 12 8d 4a 7e dd 95 33 9d c0 a2 c3 80 71 b0 4d 6b 0e 05 91 c0 70 8e bb 3e 0e 80 fb 78 46 81 a6 2f 9e 7c f6 8c b6 c1 c0 5a f0 95 f4 25 4b 28 5b dd fe 3a cf 44 3d 4f 84 bd 40 c4 24 a5 37 2f b8 6a 12 42 3e 7a 5c 2f f3 0b 16 c8 68 70 a6 53 f2 51 44 cb 21 d0 9a ac cf 4a ab cd 36 90 0b ba e5
                                    Data Ascii: )waf=Vogpl|0,An'{DPA~KV(0;c~5}?qGEx`5wRri\fC@)-xz+d^n@8!J~3qMkp>xF/|Z%K([:D=O@$7/jB>z\/hpSQD!J6
                                    2024-08-29 04:42:31 UTC16384INData Raw: 27 68 0d de 85 5c 19 de fc 9e d8 38 89 11 d3 fc 46 a4 15 81 cc fb e4 7d e0 3c 89 d8 ff c0 95 33 9d 7e f5 3e 1c ef 1e 1c be 21 73 28 ee e7 ea 0c 2b 40 45 3d 96 79 a9 ea de 9c aa f2 c4 26 5a 8c f4 53 a0 04 8b d6 28 e9 61 3a 3d 13 73 a3 a0 ee 21 ee a6 4c c0 1b 18 8c c5 64 c4 d4 27 22 13 4e c8 61 dc 8b 90 08 b8 25 94 46 5b f8 11 d2 19 f2 bc 51 37 fb 88 b0 94 ce 5c f0 06 8b 61 33 f0 fb 00 7b 29 5f d9 e0 1a 52 eb ae 6c 70 67 4e e3 2a 4d f8 28 e9 ac 65 bb e7 15 8b a0 15 26 14 4c 2d ca bc aa 67 e9 44 2f c6 01 37 f4 39 cd ab 58 5c b4 52 05 6a 22 63 e7 8d 59 5d 6d f3 70 db 18 e6 2e 7a 0f 67 1a 40 e4 41 f6 81 f5 cf a9 91 f2 4a ce 1b ca 8e 56 ae a6 1a b5 75 27 ee 42 5d 1b 3b 80 e9 33 9d a3 ed 2e d3 95 4b d5 fb 66 3b f5 f7 b7 f6 72 22 87 ac 74 1b 91 91 20 d6 a8 da a1
                                    Data Ascii: 'h\8F}<3~>!s(+@E=y&ZS(a:=s!Ld'"Na%F[Q7\a3{)_RlpgN*M(e&L-gD/79X\Rj"cY]mp.zg@AJVu'B];3.Kf;r"t
                                    2024-08-29 04:42:31 UTC16384INData Raw: c0 9c e5 fd d1 35 72 c7 93 e4 4d 38 1e 3e 8a dc 53 ba bb 67 61 40 4a 64 79 3e 8c ca b2 68 4f 66 bc 41 b1 09 db 1a 27 d2 f7 32 fa 59 52 34 f2 0f f6 13 6e 26 3c 02 5f c7 71 ae 35 14 7f 83 6d 9e a1 6d 85 f8 3a 29 c0 a1 df 93 31 86 9a 8a ef e2 b2 ee 1c 0d c1 4d dd 71 db 4a 26 77 dd 68 ac 8b 7b 61 6c 3e e2 fa 14 52 16 3d fb a7 41 22 a4 56 48 53 bf 47 d7 12 f0 44 d4 60 cb 69 07 5e fe 24 cd e3 c1 e3 e7 9b 28 61 33 c0 ec 34 4f 47 50 26 ed 84 7e 8c 11 6d ba 76 8d 52 03 c6 1e 71 85 32 c9 cc 25 a3 33 c0 d6 6b 54 b8 9a e4 01 af a2 9b f4 a3 ac f2 63 83 25 12 a8 dc 86 28 55 d8 43 c7 e7 59 03 88 d0 06 09 af 1a 3f a2 df a0 1f 5d c0 13 7a e1 04 9f da bc 11 67 0d 94 e0 2a 9f ff 88 78 b1 ad 38 b5 1a 0e 1b e9 00 a6 87 f2 55 61 4e ee 91 e2 cf fb 2e d9 83 be 17 56 df c6 d4 d4
                                    Data Ascii: 5rM8>Sga@Jdy>hOfA'2YR4n&<_q5mm:)1MqJ&wh{al>R=A"VHSGD`i^$(a34OGP&~mvRq2%3kTc%(UCY?]zg*x8UaN.V
                                    2024-08-29 04:42:31 UTC16384INData Raw: 59 61 e5 30 30 3d 4c b0 98 ac 1a e0 0d fc b4 d4 5b 2b b2 2e 2c df 2c 6a 6d 92 02 f2 33 7d 9e 8d 8a 38 bf e1 7c 1b 3c 0a fd 67 da 0f 0d 7e f1 c8 84 44 07 7c 45 1f 24 c3 95 e6 f4 11 34 6a fc 73 7e 1d 39 35 69 28 91 10 7a 1a 63 5b 33 2c cd 76 54 56 5d c1 08 59 7f e9 74 64 09 d2 1c 48 e3 d4 d9 d4 ec 79 45 f5 d5 c2 33 50 82 e6 81 12 fe 56 6e 43 20 0a 72 1a 3a f8 cc db ed 5d d2 b8 7f 27 8a a2 11 f0 3b 60 97 83 44 cc c0 cd 99 77 d2 c0 38 34 0f 61 26 81 23 b4 59 0a 29 b1 c2 0c 32 14 7b 08 87 51 89 32 cc 6a 3a c5 4d 46 2c 27 aa 2e 61 32 a6 88 36 f1 f4 f9 be 94 59 cd e4 d1 06 e7 71 11 22 a1 e0 ce 02 d0 6d a0 ad 02 b3 4e 3d e2 b5 85 7c 8f a1 eb 97 43 07 e9 37 18 f1 b8 fa 48 b7 57 80 84 c9 82 8a a6 1d 71 b2 69 9b 90 76 9e 8a 82 30 44 87 0d 35 8a 73 5f 4a 3a 62 89 40
                                    Data Ascii: Ya00=L[+.,,jm3}8|<g~D|E$4js~95i(zc[3,vTV]YtdHyE3PVnC r:]';`Dw84a&#Y)2{Q2j:MF,'.a26Yq"mN=|C7HWqiv0D5s_J:b@
                                    2024-08-29 04:42:31 UTC16384INData Raw: 73 98 58 3c bf 9b e5 bc da 4d cd 41 53 06 a4 83 8d 0e 7c 03 a7 4a 60 47 4b c6 13 81 37 10 b0 98 c9 fd a0 b9 97 02 cb 04 48 33 f7 78 20 13 cc a1 e3 e4 b6 cc 02 57 e4 b1 97 87 de 7e 70 af e6 f8 a9 9f 48 d7 77 12 ee 32 16 4b cf f1 a5 6d f3 24 0b 9c 40 c4 36 e6 75 3f e4 e4 a7 4e 02 76 13 f8 be c8 93 28 0e 82 04 13 96 25 51 98 24 49 1e 70 70 89 bd 74 53 4b a8 d4 06 09 e5 8e 2b 40 b1 b9 97 d8 7e e2 06 1e 86 13 24 22 0f 6c 96 dd cd fb b4 d6 59 1a 3b 9c 45 2e 0f 5c f5 af ef 31 0e a2 4a e2 dc b7 81 14 8e 7b 37 87 dd 6a 37 a1 e1 11 59 04 ae 9d 67 e0 aa d2 0e 6d 70 0a 19 7b 81 08 99 cd 84 cf e3 fd 10 6f 98 26 3c 14 36 b8 a8 2d 64 92 81 a3 82 0d e5 60 ed 58 bc d0 8f 44 b0 9f 6e 22 83 7b 6e 20 22 8f 65 6e ec 42 4a 41 01 94 22 04 ab cd 23 16 00 1b 83 fd 4c 60 94 72 3b
                                    Data Ascii: sX<MAS|J`GK7H3x W~pHw2Km$@6u?Nv(%Q$IpptSK+@~$"lY;E.\1J{7j7Ygmp{o&<6-d`XDn"{n "enBJA"#L`r;
                                    2024-08-29 04:42:31 UTC16384INData Raw: df 9b e9 ad fa 56 bd f6 87 4d fd d5 09 2b 7f 60 b4 19 bd 5c 57 63 fe 76 e1 f8 44 e1 4d eb 56 ce cf ca 85 e1 99 6b 46 fe fa e7 2f c7 e3 f0 f9 bc 2a 5f a6 2f 43 db cb df 2e 09 6d 93 6d fc ed 27 a8 4e 67 a6 55 fb 42 bd 32 7c f9 79 ff 5e 15 95 06 f7 79 b3 cf de f6 6c d6 2f ff de 4c d0 b2 e0 66 95 e4 1b c6 df 68 75 5a 49 b2 b6 4b 7e 29 f3 3b 45 7e 35 f5 e6 d3 86 c8 49 f5 b7 f9 e3 52 c8 e7 05 26 bd de 5c da c9 00 69 9a fb 8d 94 9f 7f 52 40 81 90 87 74 8b d8 97 a5 ff fc 53 cd cc 93 55 2e bc 7c 7d 07 9a df 99 8e ee 84 bf bf be 46 ad 7d da 44 8b bf 2a 5a 69 99 a1 14 ea 2f 0c 99 ee a4 4c cf 2a 96 cb f4 2e 3a 75 5d f5 ee aa f5 ae aa eb dd 94 bb a2 7a c9 2e 49 ce cd 95 5e fa 53 55 74 aa af 7f be 03 09 7e 39 32 71 9f b2 e8 8b b2 d2 ef e8 0a 93 14 fc f4 6c 7e c6 66 b5
                                    Data Ascii: VM+`\WcvDMVkF/*_/C.mm'NgUB2|y^yl/LfhuZIK~);E~5IR&\iR@tSU.|}F}D*Zi/L*.:u]z.I^SUt~92ql~f
                                    2024-08-29 04:42:32 UTC8267INData Raw: f0 fc a5 43 72 38 1d 22 f1 2d b4 98 cc 76 76 a8 f4 f5 3c f4 e3 dc 94 ae 25 24 07 1c d0 13 14 76 92 1b 2d 25 0c 04 b8 70 30 25 0c 49 a5 79 fc d9 8f 61 f6 e2 da c5 27 be 78 12 c7 17 0b 82 4f 16 fc c9 73 c7 23 2e 8c 07 9f 5d f3 67 27 1c 85 19 a6 6a a0 de f4 e8 70 28 92 3f 4d e0 df 44 83 07 a7 40 08 24 39 48 d3 d8 0b 91 f6 01 24 b0 08 0c e0 af a9 99 2b c0 06 c3 53 1e 09 89 47 cb a2 64 7b 81 6f 80 83 2a de 31 aa b8 e2 40 c0 c3 64 86 64 78 7e c8 66 74 12 2d 6e 4e 22 2c 7f 0a da 08 0c c6 55 16 46 e8 9d 44 02 b9 90 9e 1f 3d 62 70 45 ac fa 40 c4 29 05 8f 81 ab 7d 94 5a 39 09 02 3c 92 e4 84 f3 92 38 49 84 3e 01 da 25 5d f9 77 91 73 9d 5d 8a cc e2 cf b4 39 9d 27 0f 8b fe f2 10 9e 1c 32 98 bd 40 fb 57 a9 a9 d7 e4 13 f5 81 e7 8c 2d 19 c4 3f 32 9a c4 a9 33 2e 06 cc 96
                                    Data Ascii: Cr8"-vv<%$v-%p0%Iya'xOs#.]g'jp(?MD@$9H$+SGd{o*1@ddx~ft-nN",UFD=bpE@)}Z9<8I>%]ws]9'2@W-?23.


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    9192.168.2.44975313.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:31 UTC654OUTGET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    Origin: https://login.microsoftonline.com
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:31 UTC797INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:31 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 16112
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Fri, 02 Aug 2024 19:59:07 GMT
                                    ETag: 0x8DCB32D919A1484
                                    x-ms-request-id: 4687f9e6-401e-0018-7b40-f91c31000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044231Z-16579567576pgh4h94c7qn0kuc00000001f0000000001tu3
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:31 UTC15587INData Raw: 1f 8b 08 00 00 00 00 00 04 00 dd 7d 4d 73 23 47 b2 d8 dd bf 02 8b 75 68 86 4f 3d 10 3e f8 89 11 34 06 01 70 06 4f 24 00 01 e0 50 0a 49 46 34 81 22 d8 4b a0 1b af bb 31 1c 2e 35 8e bd f9 f0 0e be da 37 1f 7c f2 d1 17 df fd 53 36 e2 f9 77 38 3f aa aa ab ba 1b 00 39 d2 6a df b3 42 31 44 77 55 65 55 65 65 65 65 66 65 66 ff e1 66 ed 4f 63 2f f0 5f 8a bd 47 f5 bb 10 bc f4 f7 1e bd 9b 97 de 8f fe cf 7b a1 88 d7 a1 5f c0 df 25 f1 71 15 84 71 f4 fa 83 1b 16 e2 06 be 6a 3c ca 77 f5 c7 4f 8e 37 ab fb ce 22 70 67 62 56 ff 43 e5 d3 6b d9 54 60 d3 a9 bb 58 bc 8c 15 04 27 76 92 df c1 1e 3c 70 b3 c6 1f ca 49 c1 27 ec c6 6b 3c 6a 40 41 69 d9 10 4e 50 9a 36 3c f8 77 d5 28 16 9d e0 65 79 ef d3 cb 1f 93 69 38 81 e3 c1 e0 5f 56 f7 68 94 7e c3 7b 59 01 f8 f0 e7 60 cf 09 e1 cf
                                    Data Ascii: }Ms#GuhO=>4pO$PIF4"K1.57|S6w8?9jB1DwUeUeeeefeffOc/_G{_%qqj<wO7"pgbVCkT`X'v<pI'k<j@AiNP6<w(eyi8_Vh~{Y`
                                    2024-08-29 04:42:31 UTC525INData Raw: e1 2e 77 5a a7 fd 21 d6 62 ff 6d 62 29 ea 10 d2 b2 21 08 6b 3c 66 c9 dc 0f ca 09 4f 3f a8 90 1d 07 43 40 ca 34 59 fa 7e 06 47 6c 1a 6c bb 8e 69 55 d4 03 6b 46 f5 22 7e 0e a2 e8 10 63 2c 62 26 ba 22 9c 66 99 8c 7c 2a 23 e0 23 27 e5 aa 27 e5 7b 8f de 0d fc ab f2 12 06 8d ca eb e0 6b 37 9c af b1 8f 48 e5 23 0c be fc 72 4f 34 30 25 22 69 de 2f 31 8b 20 a8 c8 9d 8f ab 97 c5 9f 7e 7a 2c 7e f9 32 78 55 d9 fb 12 7e 7f 2a 3a 45 fc 60 a9 06 f1 63 f0 b3 ce 5e 28 3e 7d ca 26 45 21 fe 15 b1 0b 14 31 85 e2 1f ff d3 1f 2f 28 af 26 b2 8b c9 f9 08 9e 59 5f 12 b0 5d a5 a0 ce d1 a2 50 b2 e2 80 34 fe 12 18 d6 44 19 9a 2b 51 b9 5e 80 c4 c1 45 82 54 b1 6c 76 35 f9 32 d5 35 6d 69 4e 87 86 43 00 3a 1e ca dc 9f b4 cb f8 e7 e0 aa 0d 94 03 65 98 c1 88 c2 2b 59 23 53 ec 47 31 4e e4
                                    Data Ascii: .wZ!bmb)!k<fO?C@4Y~GlliUkF"~c,b&"f|*##''{k7H#rO40%"i/1 ~z,~2xU~*:E`c^(>}&E!1/(&Y_]P4D+Q^ETlv525miNC:e+Y#SG1N


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    10192.168.2.44975713.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:32 UTC429OUTGET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:32 UTC797INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:32 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 16112
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Fri, 02 Aug 2024 19:59:07 GMT
                                    ETag: 0x8DCB32D919A1484
                                    x-ms-request-id: 4687f9e6-401e-0018-7b40-f91c31000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044232Z-16579567576txfkctmnqv2e9c4000000012000000000avwy
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:32 UTC15587INData Raw: 1f 8b 08 00 00 00 00 00 04 00 dd 7d 4d 73 23 47 b2 d8 dd bf 02 8b 75 68 86 4f 3d 10 3e f8 89 11 34 06 01 70 06 4f 24 00 01 e0 50 0a 49 46 34 81 22 d8 4b a0 1b af bb 31 1c 2e 35 8e bd f9 f0 0e be da 37 1f 7c f2 d1 17 df fd 53 36 e2 f9 77 38 3f aa aa ab ba 1b 00 39 d2 6a df b3 42 31 44 77 55 65 55 65 65 65 65 66 65 66 ff e1 66 ed 4f 63 2f f0 5f 8a bd 47 f5 bb 10 bc f4 f7 1e bd 9b 97 de 8f fe cf 7b a1 88 d7 a1 5f c0 df 25 f1 71 15 84 71 f4 fa 83 1b 16 e2 06 be 6a 3c ca 77 f5 c7 4f 8e 37 ab fb ce 22 70 67 62 56 ff 43 e5 d3 6b d9 54 60 d3 a9 bb 58 bc 8c 15 04 27 76 92 df c1 1e 3c 70 b3 c6 1f ca 49 c1 27 ec c6 6b 3c 6a 40 41 69 d9 10 4e 50 9a 36 3c f8 77 d5 28 16 9d e0 65 79 ef d3 cb 1f 93 69 38 81 e3 c1 e0 5f 56 f7 68 94 7e c3 7b 59 01 f8 f0 e7 60 cf 09 e1 cf
                                    Data Ascii: }Ms#GuhO=>4pO$PIF4"K1.57|S6w8?9jB1DwUeUeeeefeffOc/_G{_%qqj<wO7"pgbVCkT`X'v<pI'k<j@AiNP6<w(eyi8_Vh~{Y`
                                    2024-08-29 04:42:32 UTC525INData Raw: e1 2e 77 5a a7 fd 21 d6 62 ff 6d 62 29 ea 10 d2 b2 21 08 6b 3c 66 c9 dc 0f ca 09 4f 3f a8 90 1d 07 43 40 ca 34 59 fa 7e 06 47 6c 1a 6c bb 8e 69 55 d4 03 6b 46 f5 22 7e 0e a2 e8 10 63 2c 62 26 ba 22 9c 66 99 8c 7c 2a 23 e0 23 27 e5 aa 27 e5 7b 8f de 0d fc ab f2 12 06 8d ca eb e0 6b 37 9c af b1 8f 48 e5 23 0c be fc 72 4f 34 30 25 22 69 de 2f 31 8b 20 a8 c8 9d 8f ab 97 c5 9f 7e 7a 2c 7e f9 32 78 55 d9 fb 12 7e 7f 2a 3a 45 fc 60 a9 06 f1 63 f0 b3 ce 5e 28 3e 7d ca 26 45 21 fe 15 b1 0b 14 31 85 e2 1f ff d3 1f 2f 28 af 26 b2 8b c9 f9 08 9e 59 5f 12 b0 5d a5 a0 ce d1 a2 50 b2 e2 80 34 fe 12 18 d6 44 19 9a 2b 51 b9 5e 80 c4 c1 45 82 54 b1 6c 76 35 f9 32 d5 35 6d 69 4e 87 86 43 00 3a 1e ca dc 9f b4 cb f8 e7 e0 aa 0d 94 03 65 98 c1 88 c2 2b 59 23 53 ec 47 31 4e e4
                                    Data Ascii: .wZ!bmb)!k<fO?C@4Y~GlliUkF"~c,b&"f|*##''{k7H#rO40%"i/1 ~z,~2xU~*:E`c^(>}&E!1/(&Y_]P4D+Q^ETlv525miNC:e+Y#SG1N


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    11192.168.2.44975913.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:32 UTC410OUTGET /shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:32 UTC798INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:32 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 122157
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Mon, 05 Aug 2024 15:32:30 GMT
                                    ETag: 0x8DCB563D185FB49
                                    x-ms-request-id: 849b7260-401e-0037-6e1d-f911fa000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044232Z-16579567576fh7f86y3uqsyhx0000000017000000000fbq0
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:32 UTC15586INData Raw: 1f 8b 08 00 00 00 00 00 04 00 e4 bd 7b 57 e3 48 92 38 fa ff fd 14 46 33 97 b6 1b e1 92 fc 02 8b 56 b3 c6 40 15 d3 80 19 4c 55 f7 2c c5 70 64 29 6d d4 c8 92 57 92 79 8c f1 7e f6 5f 44 64 a6 94 b2 65 aa 6a 76 cf bd e7 9e db 3b 5b 58 99 91 af c8 c8 c8 88 c8 c8 c8 0f 3f 6f fd 5f 95 9f 2b bb df ff 5f 65 78 d3 bb be a9 0c 4e 2b 37 9f ce ae 8f 2b 57 f0 f5 8f ca e5 e0 e6 ac 7f f2 fd f5 60 a3 f8 ff 37 0f 7e 52 19 fb 01 ab c0 df 91 93 30 af 12 85 95 28 ae f8 a1 1b c5 b3 28 76 52 96 54 a6 f0 6f ec 3b 41 65 1c 47 d3 4a fa c0 2a b3 38 fa 93 b9 69 52 09 fc 24 85 42 23 16 44 cf 95 2a 54 17 7b 95 2b 27 4e 5f 2b 67 57 b5 3a d4 cf a0 36 7f e2 87 50 da 8d 66 af f0 fb 21 ad 84 51 ea bb ac e2 84 1e d5 16 c0 47 98 b0 ca 3c f4 58 5c 79 7e f0 dd 87 ca 85 ef c6 51 12 8d d3 4a cc
                                    Data Ascii: {WH8F3V@LU,pd)mWy~_Ddejv;[X?o_+_exN+7+W`7~R0((vRTo;AeGJ*8iR$B#D*T{+'N_+gW:6Pf!QG<X\y~QJ
                                    2024-08-29 04:42:32 UTC16384INData Raw: e7 df 29 77 61 a8 aa 85 66 8c 3d 56 b9 f2 8a 13 86 16 b2 e9 0c 6f 67 70 f7 12 bb 6c cf 01 9e 02 80 83 7c 30 2c af b0 f6 0d 93 d3 41 6e df f0 a5 27 ee 7b d3 a6 a3 09 c0 44 13 80 50 f9 41 fa 16 17 7e f3 19 4b 56 ca a1 fe 8e 1e 28 a0 30 1d 3b f1 63 7e 35 1f 7d 3f 0b de 71 47 e8 b3 45 fe 86 78 e3 60 35 f7 77 f4 dd 52 72 d7 ea b3 1d 14 9b d0 9f 95 ae 69 5c e2 95 66 d8 43 ea 1e 40 e5 29 a9 ae d0 2d ac f1 78 83 8b 1e b3 e3 7a 99 2b 64 b5 f6 5e bf 85 df 19 6e a3 ef 0d 40 38 a2 21 d8 12 8d 4a 7e dd 95 33 9d c0 a2 c3 80 71 b0 4d 6b 0e 05 91 c0 70 8e bb 3e 0e 80 fb 78 46 81 a6 2f 9e 7c f6 8c b6 c1 c0 5a f0 95 f4 25 4b 28 5b dd fe 3a cf 44 3d 4f 84 bd 40 c4 24 a5 37 2f b8 6a 12 42 3e 7a 5c 2f f3 0b 16 c8 68 70 a6 53 f2 51 44 cb 21 d0 9a ac cf 4a ab cd 36 90 0b ba e5
                                    Data Ascii: )waf=Vogpl|0,An'{DPA~KV(0;c~5}?qGEx`5wRri\fC@)-xz+d^n@8!J~3qMkp>xF/|Z%K([:D=O@$7/jB>z\/hpSQD!J6
                                    2024-08-29 04:42:32 UTC16384INData Raw: 27 68 0d de 85 5c 19 de fc 9e d8 38 89 11 d3 fc 46 a4 15 81 cc fb e4 7d e0 3c 89 d8 ff c0 95 33 9d 7e f5 3e 1c ef 1e 1c be 21 73 28 ee e7 ea 0c 2b 40 45 3d 96 79 a9 ea de 9c aa f2 c4 26 5a 8c f4 53 a0 04 8b d6 28 e9 61 3a 3d 13 73 a3 a0 ee 21 ee a6 4c c0 1b 18 8c c5 64 c4 d4 27 22 13 4e c8 61 dc 8b 90 08 b8 25 94 46 5b f8 11 d2 19 f2 bc 51 37 fb 88 b0 94 ce 5c f0 06 8b 61 33 f0 fb 00 7b 29 5f d9 e0 1a 52 eb ae 6c 70 67 4e e3 2a 4d f8 28 e9 ac 65 bb e7 15 8b a0 15 26 14 4c 2d ca bc aa 67 e9 44 2f c6 01 37 f4 39 cd ab 58 5c b4 52 05 6a 22 63 e7 8d 59 5d 6d f3 70 db 18 e6 2e 7a 0f 67 1a 40 e4 41 f6 81 f5 cf a9 91 f2 4a ce 1b ca 8e 56 ae a6 1a b5 75 27 ee 42 5d 1b 3b 80 e9 33 9d a3 ed 2e d3 95 4b d5 fb 66 3b f5 f7 b7 f6 72 22 87 ac 74 1b 91 91 20 d6 a8 da a1
                                    Data Ascii: 'h\8F}<3~>!s(+@E=y&ZS(a:=s!Ld'"Na%F[Q7\a3{)_RlpgN*M(e&L-gD/79X\Rj"cY]mp.zg@AJVu'B];3.Kf;r"t
                                    2024-08-29 04:42:32 UTC16384INData Raw: c0 9c e5 fd d1 35 72 c7 93 e4 4d 38 1e 3e 8a dc 53 ba bb 67 61 40 4a 64 79 3e 8c ca b2 68 4f 66 bc 41 b1 09 db 1a 27 d2 f7 32 fa 59 52 34 f2 0f f6 13 6e 26 3c 02 5f c7 71 ae 35 14 7f 83 6d 9e a1 6d 85 f8 3a 29 c0 a1 df 93 31 86 9a 8a ef e2 b2 ee 1c 0d c1 4d dd 71 db 4a 26 77 dd 68 ac 8b 7b 61 6c 3e e2 fa 14 52 16 3d fb a7 41 22 a4 56 48 53 bf 47 d7 12 f0 44 d4 60 cb 69 07 5e fe 24 cd e3 c1 e3 e7 9b 28 61 33 c0 ec 34 4f 47 50 26 ed 84 7e 8c 11 6d ba 76 8d 52 03 c6 1e 71 85 32 c9 cc 25 a3 33 c0 d6 6b 54 b8 9a e4 01 af a2 9b f4 a3 ac f2 63 83 25 12 a8 dc 86 28 55 d8 43 c7 e7 59 03 88 d0 06 09 af 1a 3f a2 df a0 1f 5d c0 13 7a e1 04 9f da bc 11 67 0d 94 e0 2a 9f ff 88 78 b1 ad 38 b5 1a 0e 1b e9 00 a6 87 f2 55 61 4e ee 91 e2 cf fb 2e d9 83 be 17 56 df c6 d4 d4
                                    Data Ascii: 5rM8>Sga@Jdy>hOfA'2YR4n&<_q5mm:)1MqJ&wh{al>R=A"VHSGD`i^$(a34OGP&~mvRq2%3kTc%(UCY?]zg*x8UaN.V
                                    2024-08-29 04:42:32 UTC16384INData Raw: 59 61 e5 30 30 3d 4c b0 98 ac 1a e0 0d fc b4 d4 5b 2b b2 2e 2c df 2c 6a 6d 92 02 f2 33 7d 9e 8d 8a 38 bf e1 7c 1b 3c 0a fd 67 da 0f 0d 7e f1 c8 84 44 07 7c 45 1f 24 c3 95 e6 f4 11 34 6a fc 73 7e 1d 39 35 69 28 91 10 7a 1a 63 5b 33 2c cd 76 54 56 5d c1 08 59 7f e9 74 64 09 d2 1c 48 e3 d4 d9 d4 ec 79 45 f5 d5 c2 33 50 82 e6 81 12 fe 56 6e 43 20 0a 72 1a 3a f8 cc db ed 5d d2 b8 7f 27 8a a2 11 f0 3b 60 97 83 44 cc c0 cd 99 77 d2 c0 38 34 0f 61 26 81 23 b4 59 0a 29 b1 c2 0c 32 14 7b 08 87 51 89 32 cc 6a 3a c5 4d 46 2c 27 aa 2e 61 32 a6 88 36 f1 f4 f9 be 94 59 cd e4 d1 06 e7 71 11 22 a1 e0 ce 02 d0 6d a0 ad 02 b3 4e 3d e2 b5 85 7c 8f a1 eb 97 43 07 e9 37 18 f1 b8 fa 48 b7 57 80 84 c9 82 8a a6 1d 71 b2 69 9b 90 76 9e 8a 82 30 44 87 0d 35 8a 73 5f 4a 3a 62 89 40
                                    Data Ascii: Ya00=L[+.,,jm3}8|<g~D|E$4js~95i(zc[3,vTV]YtdHyE3PVnC r:]';`Dw84a&#Y)2{Q2j:MF,'.a26Yq"mN=|C7HWqiv0D5s_J:b@
                                    2024-08-29 04:42:32 UTC16384INData Raw: 73 98 58 3c bf 9b e5 bc da 4d cd 41 53 06 a4 83 8d 0e 7c 03 a7 4a 60 47 4b c6 13 81 37 10 b0 98 c9 fd a0 b9 97 02 cb 04 48 33 f7 78 20 13 cc a1 e3 e4 b6 cc 02 57 e4 b1 97 87 de 7e 70 af e6 f8 a9 9f 48 d7 77 12 ee 32 16 4b cf f1 a5 6d f3 24 0b 9c 40 c4 36 e6 75 3f e4 e4 a7 4e 02 76 13 f8 be c8 93 28 0e 82 04 13 96 25 51 98 24 49 1e 70 70 89 bd 74 53 4b a8 d4 06 09 e5 8e 2b 40 b1 b9 97 d8 7e e2 06 1e 86 13 24 22 0f 6c 96 dd cd fb b4 d6 59 1a 3b 9c 45 2e 0f 5c f5 af ef 31 0e a2 4a e2 dc b7 81 14 8e 7b 37 87 dd 6a 37 a1 e1 11 59 04 ae 9d 67 e0 aa d2 0e 6d 70 0a 19 7b 81 08 99 cd 84 cf e3 fd 10 6f 98 26 3c 14 36 b8 a8 2d 64 92 81 a3 82 0d e5 60 ed 58 bc d0 8f 44 b0 9f 6e 22 83 7b 6e 20 22 8f 65 6e ec 42 4a 41 01 94 22 04 ab cd 23 16 00 1b 83 fd 4c 60 94 72 3b
                                    Data Ascii: sX<MAS|J`GK7H3x W~pHw2Km$@6u?Nv(%Q$IpptSK+@~$"lY;E.\1J{7j7Ygmp{o&<6-d`XDn"{n "enBJA"#L`r;
                                    2024-08-29 04:42:32 UTC16384INData Raw: df 9b e9 ad fa 56 bd f6 87 4d fd d5 09 2b 7f 60 b4 19 bd 5c 57 63 fe 76 e1 f8 44 e1 4d eb 56 ce cf ca 85 e1 99 6b 46 fe fa e7 2f c7 e3 f0 f9 bc 2a 5f a6 2f 43 db cb df 2e 09 6d 93 6d fc ed 27 a8 4e 67 a6 55 fb 42 bd 32 7c f9 79 ff 5e 15 95 06 f7 79 b3 cf de f6 6c d6 2f ff de 4c d0 b2 e0 66 95 e4 1b c6 df 68 75 5a 49 b2 b6 4b 7e 29 f3 3b 45 7e 35 f5 e6 d3 86 c8 49 f5 b7 f9 e3 52 c8 e7 05 26 bd de 5c da c9 00 69 9a fb 8d 94 9f 7f 52 40 81 90 87 74 8b d8 97 a5 ff fc 53 cd cc 93 55 2e bc 7c 7d 07 9a df 99 8e ee 84 bf bf be 46 ad 7d da 44 8b bf 2a 5a 69 99 a1 14 ea 2f 0c 99 ee a4 4c cf 2a 96 cb f4 2e 3a 75 5d f5 ee aa f5 ae aa eb dd 94 bb a2 7a c9 2e 49 ce cd 95 5e fa 53 55 74 aa af 7f be 03 09 7e 39 32 71 9f b2 e8 8b b2 d2 ef e8 0a 93 14 fc f4 6c 7e c6 66 b5
                                    Data Ascii: VM+`\WcvDMVkF/*_/C.mm'NgUB2|y^yl/LfhuZIK~);E~5IR&\iR@tSU.|}F}D*Zi/L*.:u]z.I^SUt~92ql~f
                                    2024-08-29 04:42:33 UTC8267INData Raw: f0 fc a5 43 72 38 1d 22 f1 2d b4 98 cc 76 76 a8 f4 f5 3c f4 e3 dc 94 ae 25 24 07 1c d0 13 14 76 92 1b 2d 25 0c 04 b8 70 30 25 0c 49 a5 79 fc d9 8f 61 f6 e2 da c5 27 be 78 12 c7 17 0b 82 4f 16 fc c9 73 c7 23 2e 8c 07 9f 5d f3 67 27 1c 85 19 a6 6a a0 de f4 e8 70 28 92 3f 4d e0 df 44 83 07 a7 40 08 24 39 48 d3 d8 0b 91 f6 01 24 b0 08 0c e0 af a9 99 2b c0 06 c3 53 1e 09 89 47 cb a2 64 7b 81 6f 80 83 2a de 31 aa b8 e2 40 c0 c3 64 86 64 78 7e c8 66 74 12 2d 6e 4e 22 2c 7f 0a da 08 0c c6 55 16 46 e8 9d 44 02 b9 90 9e 1f 3d 62 70 45 ac fa 40 c4 29 05 8f 81 ab 7d 94 5a 39 09 02 3c 92 e4 84 f3 92 38 49 84 3e 01 da 25 5d f9 77 91 73 9d 5d 8a cc e2 cf b4 39 9d 27 0f 8b fe f2 10 9e 1c 32 98 bd 40 fb 57 a9 a9 d7 e4 13 f5 81 e7 8c 2d 19 c4 3f 32 9a c4 a9 33 2e 06 cc 96
                                    Data Ascii: Cr8"-vv<%$v-%p0%Iya'xOs#.]g'jp(?MD@$9H$+SGd{o*1@ddx~ft-nN",UFD=bpE@)}Z9<8I>%]ws]9'2@W-?23.


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    12192.168.2.44976013.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:32 UTC577OUTGET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:32 UTC818INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:32 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 61052
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 25 May 2023 17:22:47 GMT
                                    ETag: 0x8DB5D44A8CEE4F4
                                    x-ms-request-id: b70ec83a-b01e-002b-1737-f93425000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044232Z-16579567576rt7gkm43y59pk38000000015g00000000h3xf
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    X-Cache-Info: L1_T2
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:32 UTC15566INData Raw: 1f 8b 08 00 00 00 00 00 04 00 cc bd 69 77 db 46 b2 30 fc fd fe 0a 0a 27 57 03 8c da 34 29 2f 71 48 23 bc b2 44 db 4c b4 45 4b 9c 8c ac d1 81 c8 96 04 9b 04 18 00 94 ac 91 f8 df 9f aa ea 1d 04 28 29 c9 7d ef 7b 12 8b 40 a3 7a af ae ae ae ae c5 bf 89 93 51 7a d3 2c f8 98 4f 78 91 dd 9e dd f0 f3 69 34 fc fa 53 9e 26 d3 70 e9 d7 fb fb 93 d3 a0 39 9d e5 57 fe c9 c9 fa 29 3b 61 8c 5d cc 92 61 11 a7 89 cf 59 c1 92 e0 ce 9b e5 bc 91 17 59 3c 2c bc 6e d2 cc fc 22 60 49 73 e4 17 cc fb 35 1a cf f8 cf 50 81 c7 7c 9d 2d b8 cb 78 31 cb 92 46 d6 e4 f3 40 c3 f6 af 79 52 6c 47 05 4f 86 b7 35 e0 51 19 7c 9f 67 79 9c 63 16 5e 93 e5 dc ca 72 94 45 43 be cd af f9 b8 06 78 64 01 6f 4c a7 83 24 8f 2f af 8a 7c 33 cd aa 8b 8f 9d 16 bd 8b 72 5e 0b 6a 17 7d d6 ff 06 4d 1e f1 d1 20
                                    Data Ascii: iwF0'W4)/qH#DLEK()}{@zQz,Oxi4S&p9W);a]aYY<,n"`Is5P|-x1F@yRlGO5Q|gyc^rECxdoL$/|3r^j}M
                                    2024-08-29 04:42:32 UTC16384INData Raw: 50 d9 d3 c8 92 f2 c0 bf 2d 5f 47 89 51 d4 c5 e2 ee 4a 5e 8f 74 11 ba 78 22 35 03 45 5f ae b8 15 0a 6b 9f 0b 6f 06 46 14 14 a0 01 d4 75 81 77 09 f9 14 b6 80 d5 55 f7 1d da c5 86 b6 4e 3c e4 1f ba 37 9b b7 b5 c3 23 d4 c8 84 ec 45 b0 c9 37 15 f4 52 19 68 52 db 84 ba 3a 93 b3 c0 d0 32 cd 34 96 c5 e1 77 a8 86 82 5b a0 e4 0c 44 e8 9f fe b7 62 f3 e2 12 ef cd f4 45 86 1d 76 a9 ca dd 36 79 da 4e 84 b4 06 0b 02 f6 93 7c 32 6b 9e 1f 01 48 1d b9 b0 1d 0e 45 73 ff 0a 48 49 e1 df 50 90 3f 40 e9 4f 5c e1 0c 8a 9e 20 e1 3d f7 f7 d8 4d ad e8 59 f6 8d fc 90 12 fc 6f ee 36 ee 97 d9 84 b2 55 80 c3 3d dc ed cb 9b 20 58 b6 fb e2 12 a8 93 cc bb ce 09 d9 17 b7 1b 9e c3 3b 01 49 81 06 e2 8a cd c8 00 2b 23 63 ac 8c 91 a8 99 6f 92 81 56 7b 8e f7 8d b2 42 9c 4a 97 0c 0b bf 45 f5 d2
                                    Data Ascii: P-_GQJ^tx"5E_koFuwUN<7#E7RhR:24w[DbEv6yN|2kHEsHIP?@O\ =MYo6U= X;I+#coV{BJE
                                    2024-08-29 04:42:32 UTC16384INData Raw: 1d 33 33 40 42 0c db 7c 4f c0 28 e6 7a 08 96 01 95 5d ed bb d4 15 db ec c7 f1 16 6d 6f 68 90 c6 f2 9e eb 33 2a c7 18 89 31 56 eb 59 ec bb 71 89 7f aa 93 e3 73 84 51 29 6d 4a 14 bb 22 63 6f 55 2c 47 e7 05 5d 5b 13 bf a6 ac 26 93 2d 98 72 a5 b7 e5 5a dc 5a c8 41 d4 fd e4 3e 1d 71 da 8f 3c 15 aa a8 02 27 5f eb 0a 69 e7 9e 8a 73 ab 65 64 09 18 b0 07 f0 47 1a e5 af 1f a1 b3 aa 6f 4a be 45 d8 0b 7b 11 7c 72 79 14 0f bd 57 cd 6e 76 d1 ec b5 e1 b3 8d 9d 95 66 c2 ca 10 cd 0f a3 7c 90 c5 ac c9 5a ae fa 7f c2 e6 88 97 22 c9 e1 52 b2 22 5d 8a f0 0f 96 12 40 d3 a5 e8 7c be 94 98 1b 2d 25 d5 4c 26 46 3d 61 3a 5c 4a 00 f5 97 a2 e2 77 4b d1 f9 c9 52 72 ef 6a 29 b9 77 6c 21 fc db 40 f8 5d c6 fc 1b 37 be c9 6d fc 7a 4e 9b e8 e0 a1 68 5f 34 7d d6 b3 76 7a fe 9b e8 2e 1e 44
                                    Data Ascii: 33@B|O(z]moh3*1VYqsQ)mJ"coU,G][&-rZZA>q<'_isedGoJE{|ryWnvf|Z"R"]@|-%L&F=a:\JwKRrj)wl!@]7mzNh_4}vz.D
                                    2024-08-29 04:42:33 UTC12718INData Raw: 6b 6b 9b ec 2f dd e2 10 e0 f3 4d ea f3 dd c5 16 fd bd 12 9b ed 3a 78 d7 71 cb 0f 05 12 73 65 5f 43 ee b5 a6 0a 6e 83 08 03 ba f6 3a d7 c1 f5 6c 76 ab 4e 60 47 68 19 58 60 f5 1f 5e bb c3 54 de 2e 80 82 4f c9 76 ef a4 d4 b5 72 0a ee 68 55 55 91 83 40 67 5f dc f5 4a 1c f6 94 3e 3d 7d 79 a0 3e 39 55 07 e7 28 38 b8 38 65 d6 f5 5b 91 70 12 1c 69 47 2b 47 a6 a3 95 0e 6d 81 13 58 fc 26 42 bf 8e 1d ad 38 fe 3e ed 53 99 91 95 ee 68 64 66 52 9b 89 03 08 8d 1b 82 51 74 a5 1c f1 3a ed 15 45 74 3b 29 5e 35 bb d6 fb fa 7a db 7a 27 1a 93 ee 23 3d 44 bf 15 6d ad 43 c0 d2 64 91 ac 81 29 f3 92 ec 05 5f 59 d7 da da 65 be a6 3f da b7 38 0a be 24 da e8 8d 01 b8 41 ae b4 0b ff d2 ba a5 24 85 d5 3e 9e 97 b0 f2 d1 73 cf a0 45 b4 57 a1 27 69 f7 9e 79 d0 2d 71 2f 29 4f 51 86 ce 20
                                    Data Ascii: kk/M:xqse_Cn:lvN`GhX`^T.OvrhUU@g_J>=}y>9U(88e[piG+GmX&B8>ShdfRQt:Et;)^5zz'#=DmCd)_Ye?8$A$>sEW'iy-q/)OQ


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    13192.168.2.44976113.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:33 UTC392OUTGET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:33 UTC818INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:33 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 61052
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 25 May 2023 17:22:47 GMT
                                    ETag: 0x8DB5D44A8CEE4F4
                                    x-ms-request-id: b70ec83a-b01e-002b-1737-f93425000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044233Z-16579567576txfkctmnqv2e9c40000000130000000009q6w
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    X-Cache-Info: L1_T2
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:33 UTC15566INData Raw: 1f 8b 08 00 00 00 00 00 04 00 cc bd 69 77 db 46 b2 30 fc fd fe 0a 0a 27 57 03 8c da 34 29 2f 71 48 23 bc b2 44 db 4c b4 45 4b 9c 8c ac d1 81 c8 96 04 9b 04 18 00 94 ac 91 f8 df 9f aa ea 1d 04 28 29 c9 7d ef 7b 12 8b 40 a3 7a af ae ae ae ae c5 bf 89 93 51 7a d3 2c f8 98 4f 78 91 dd 9e dd f0 f3 69 34 fc fa 53 9e 26 d3 70 e9 d7 fb fb 93 d3 a0 39 9d e5 57 fe c9 c9 fa 29 3b 61 8c 5d cc 92 61 11 a7 89 cf 59 c1 92 e0 ce 9b e5 bc 91 17 59 3c 2c bc 6e d2 cc fc 22 60 49 73 e4 17 cc fb 35 1a cf f8 cf 50 81 c7 7c 9d 2d b8 cb 78 31 cb 92 46 d6 e4 f3 40 c3 f6 af 79 52 6c 47 05 4f 86 b7 35 e0 51 19 7c 9f 67 79 9c 63 16 5e 93 e5 dc ca 72 94 45 43 be cd af f9 b8 06 78 64 01 6f 4c a7 83 24 8f 2f af 8a 7c 33 cd aa 8b 8f 9d 16 bd 8b 72 5e 0b 6a 17 7d d6 ff 06 4d 1e f1 d1 20
                                    Data Ascii: iwF0'W4)/qH#DLEK()}{@zQz,Oxi4S&p9W);a]aYY<,n"`Is5P|-x1F@yRlGO5Q|gyc^rECxdoL$/|3r^j}M
                                    2024-08-29 04:42:33 UTC16384INData Raw: 50 d9 d3 c8 92 f2 c0 bf 2d 5f 47 89 51 d4 c5 e2 ee 4a 5e 8f 74 11 ba 78 22 35 03 45 5f ae b8 15 0a 6b 9f 0b 6f 06 46 14 14 a0 01 d4 75 81 77 09 f9 14 b6 80 d5 55 f7 1d da c5 86 b6 4e 3c e4 1f ba 37 9b b7 b5 c3 23 d4 c8 84 ec 45 b0 c9 37 15 f4 52 19 68 52 db 84 ba 3a 93 b3 c0 d0 32 cd 34 96 c5 e1 77 a8 86 82 5b a0 e4 0c 44 e8 9f fe b7 62 f3 e2 12 ef cd f4 45 86 1d 76 a9 ca dd 36 79 da 4e 84 b4 06 0b 02 f6 93 7c 32 6b 9e 1f 01 48 1d b9 b0 1d 0e 45 73 ff 0a 48 49 e1 df 50 90 3f 40 e9 4f 5c e1 0c 8a 9e 20 e1 3d f7 f7 d8 4d ad e8 59 f6 8d fc 90 12 fc 6f ee 36 ee 97 d9 84 b2 55 80 c3 3d dc ed cb 9b 20 58 b6 fb e2 12 a8 93 cc bb ce 09 d9 17 b7 1b 9e c3 3b 01 49 81 06 e2 8a cd c8 00 2b 23 63 ac 8c 91 a8 99 6f 92 81 56 7b 8e f7 8d b2 42 9c 4a 97 0c 0b bf 45 f5 d2
                                    Data Ascii: P-_GQJ^tx"5E_koFuwUN<7#E7RhR:24w[DbEv6yN|2kHEsHIP?@O\ =MYo6U= X;I+#coV{BJE
                                    2024-08-29 04:42:33 UTC16384INData Raw: 1d 33 33 40 42 0c db 7c 4f c0 28 e6 7a 08 96 01 95 5d ed bb d4 15 db ec c7 f1 16 6d 6f 68 90 c6 f2 9e eb 33 2a c7 18 89 31 56 eb 59 ec bb 71 89 7f aa 93 e3 73 84 51 29 6d 4a 14 bb 22 63 6f 55 2c 47 e7 05 5d 5b 13 bf a6 ac 26 93 2d 98 72 a5 b7 e5 5a dc 5a c8 41 d4 fd e4 3e 1d 71 da 8f 3c 15 aa a8 02 27 5f eb 0a 69 e7 9e 8a 73 ab 65 64 09 18 b0 07 f0 47 1a e5 af 1f a1 b3 aa 6f 4a be 45 d8 0b 7b 11 7c 72 79 14 0f bd 57 cd 6e 76 d1 ec b5 e1 b3 8d 9d 95 66 c2 ca 10 cd 0f a3 7c 90 c5 ac c9 5a ae fa 7f c2 e6 88 97 22 c9 e1 52 b2 22 5d 8a f0 0f 96 12 40 d3 a5 e8 7c be 94 98 1b 2d 25 d5 4c 26 46 3d 61 3a 5c 4a 00 f5 97 a2 e2 77 4b d1 f9 c9 52 72 ef 6a 29 b9 77 6c 21 fc db 40 f8 5d c6 fc 1b 37 be c9 6d fc 7a 4e 9b e8 e0 a1 68 5f 34 7d d6 b3 76 7a fe 9b e8 2e 1e 44
                                    Data Ascii: 33@B|O(z]moh3*1VYqsQ)mJ"coU,G][&-rZZA>q<'_isedGoJE{|ryWnvf|Z"R"]@|-%L&F=a:\JwKRrj)wl!@]7mzNh_4}vz.D
                                    2024-08-29 04:42:34 UTC12718INData Raw: 6b 6b 9b ec 2f dd e2 10 e0 f3 4d ea f3 dd c5 16 fd bd 12 9b ed 3a 78 d7 71 cb 0f 05 12 73 65 5f 43 ee b5 a6 0a 6e 83 08 03 ba f6 3a d7 c1 f5 6c 76 ab 4e 60 47 68 19 58 60 f5 1f 5e bb c3 54 de 2e 80 82 4f c9 76 ef a4 d4 b5 72 0a ee 68 55 55 91 83 40 67 5f dc f5 4a 1c f6 94 3e 3d 7d 79 a0 3e 39 55 07 e7 28 38 b8 38 65 d6 f5 5b 91 70 12 1c 69 47 2b 47 a6 a3 95 0e 6d 81 13 58 fc 26 42 bf 8e 1d ad 38 fe 3e ed 53 99 91 95 ee 68 64 66 52 9b 89 03 08 8d 1b 82 51 74 a5 1c f1 3a ed 15 45 74 3b 29 5e 35 bb d6 fb fa 7a db 7a 27 1a 93 ee 23 3d 44 bf 15 6d ad 43 c0 d2 64 91 ac 81 29 f3 92 ec 05 5f 59 d7 da da 65 be a6 3f da b7 38 0a be 24 da e8 8d 01 b8 41 ae b4 0b ff d2 ba a5 24 85 d5 3e 9e 97 b0 f2 d1 73 cf a0 45 b4 57 a1 27 69 f7 9e 79 d0 2d 71 2f 29 4f 51 86 ce 20
                                    Data Ascii: kk/M:xqse_Cn:lvN`GhX`^T.OvrhUU@g_J>=}y>9U(88e[piG+GmX&B8>ShdfRQt:Et;)^5zz'#=DmCd)_Ye?8$A$>sEW'iy-q/)OQ


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    14192.168.2.44976213.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:33 UTC649OUTGET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:33 UTC738INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:33 GMT
                                    Content-Type: image/x-icon
                                    Content-Length: 17174
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Last-Modified: Sun, 18 Oct 2020 03:02:03 GMT
                                    ETag: 0x8D8731230C851A6
                                    x-ms-request-id: 905b830d-201e-0022-041f-f939e4000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044233Z-16579567576mj4tc2xukwvxfxc000000013000000000ebgr
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:33 UTC15646INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                                    Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                                    2024-08-29 04:42:33 UTC1528INData Raw: 28 00 00 00 20 00 00 00 40 00 00 00 01 00 04 00 00 00 00 00 80 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 bc 7b 00 1f 4c f9 00 22 50 f2 00 f7 a6 00 00 00 ba 7f 00 f3 a6 00 00 1e 4e f6 00 23 4e f4 00 f3 a4 00 00 00 bc 7d 00 00 ba 7d 00 00 00 00 00 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22
                                    Data Ascii: ( @{L"PN#N}}"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    15192.168.2.44976313.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:33 UTC618OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:33 UTC820INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:33 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 116351
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 20 Jun 2024 02:13:44 GMT
                                    ETag: 0x8DC90CE9C53BCDF
                                    x-ms-request-id: d344f831-701e-002f-4dc5-f9f130000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044233Z-16579567576xfl5xzh7yws029s00000001f00000000022ef
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache-Info: L2_T2
                                    X-Cache: TCP_REMOTE_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:33 UTC15564INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ec 7d 5b 5b db 48 b6 e8 fb fe 15 b6 a6 c7 2d c5 85 b1 0d 18 22 23 3c 24 21 3d cc 24 81 0d a4 7b 7a 88 87 4f d8 65 ac c4 96 3c ba 70 69 ec fd db cf 5a ab aa a4 92 2c 83 49 f7 3e e7 e1 4c 7f 1d ac 4b a9 ee b5 ee 97 cd 57 d5 ff aa bc aa 6c ac ff 5f e5 fc e2 f0 ec a2 72 f2 be 72 f1 d7 e3 b3 77 95 53 b8 fb b5 f2 e9 e4 e2 f8 ed d1 fa f5 60 a3 f8 ef 62 ec 45 95 91 37 e1 15 f8 bd 76 23 3e ac 04 7e 25 08 2b 9e 3f 08 c2 59 10 ba 31 8f 2a 53 f8 1b 7a ee a4 32 0a 83 69 25 1e f3 ca 2c 0c be f2 41 1c 55 26 5e 14 c3 47 d7 7c 12 dc 55 4c a8 2e 1c 56 4e dd 30 7e a8 1c 9f 5a 0d a8 9f 43 6d de 8d e7 c3 d7 83 60 f6 00 d7 e3 b8 e2 07 b1 37 e0 15 d7 1f 52 6d 13 b8 f1 23 5e 49 fc 21 0f 2b 77 63 6f 30 ae 7c f4 06 61 10 05 a3 b8 12 f2 01 f7 6e a1 91
                                    Data Ascii: }[[H-"#<$!=${zOe<piZ,I>LKWl_rrwS`bE7v#>~%+?Y1*Sz2i%,AU&^G|UL.VN0~ZCm`7Rm#^I!+wco0|an
                                    2024-08-29 04:42:33 UTC16384INData Raw: 18 c7 83 21 d9 e5 88 4a f7 29 10 b3 29 ed a1 c8 21 31 6c a4 7c 24 0d a6 d1 11 fa 1c a5 01 0a 5b 94 cd 52 c6 46 74 d3 39 25 b9 7f 35 c7 69 98 e2 f0 39 e4 be 20 51 ac 5f 38 0d a8 6c 12 e7 d2 21 0f 8b f4 60 66 b7 1b e9 bd c8 3e aa 1a df 6f 23 91 ab ae b3 9d 12 39 6d 96 6c c2 1f 17 ff 84 f0 a7 c0 5e a6 92 85 16 39 27 8a c0 d7 0d cc 3c f7 f9 d8 8f 5b 9d 37 47 26 7f 15 59 0b da a9 34 ee 91 b3 21 1c 8d 3c 27 ec 7a fb 09 85 42 a7 64 03 31 f3 2c a8 05 6d ad 37 b0 ba 11 1c 07 6f 63 24 7a 2a 9e c0 44 8c 1c cf 62 f0 b8 de d2 4c a2 2b a3 57 11 6d f9 0d 34 46 c4 62 de 86 83 df 32 6c 2e b3 75 0e eb ee 41 22 9c 1f 37 5c 12 96 74 3d 74 72 f2 36 36 32 25 ee 04 55 af 63 78 3a de 77 bb 63 ad 77 75 24 b9 a9 7f 63 e8 d4 04 d1 8f c8 6e 8b c6 6a 59 7e 51 35 7b d9 54 5d 67 4c 6e
                                    Data Ascii: !J))!1l|$[RFt9%5i9 Q_8l!`f>o#9ml^9'<[7G&Y4!<'zBd1,m7oc$z*DbL+Wm4Fb2l.uA"7\t=tr662%Ucx:wcwu$cnjY~Q5{T]gLn
                                    2024-08-29 04:42:33 UTC16384INData Raw: 81 5a 15 a1 b2 d8 6f 6d fe 7b aa 2c c8 d9 8e 95 7a ea e1 13 d5 92 42 29 a9 34 69 99 56 a3 cd 69 83 c3 6f ad 0d 06 be 1e 18 2a 71 26 24 3e ca 17 6d 68 13 47 34 51 9e 15 8a ac 0d 12 91 55 d3 11 d8 16 bf a2 56 d7 7a 02 f4 82 62 f8 0d f6 31 ff 7e c3 f3 29 3c 6e 86 a6 1e 78 de 1c e6 34 a4 2d b4 eb 08 5b 68 28 e4 27 ff 14 b8 4b 44 60 66 73 00 6a 32 8a 42 93 09 7e 92 0c 7d 2c 7a 55 96 54 86 01 98 c3 99 9b 7c f3 13 c4 37 68 e6 ee ec ec e2 d1 80 1f 5b fb c8 d2 e2 69 d9 f1 c8 34 46 c5 28 ed 39 9f 3e 0d 60 1e eb 3f e7 9f f2 31 60 ab e1 a7 4f 98 a2 2f 76 eb 5e 30 f4 2d 71 81 4f 02 d6 0d 7a c7 ad a2 1f 70 b7 78 5c ea 75 2f ca 7c 67 ab b9 b5 d7 6c 3b ec 0a 9d b4 92 ae 33 2d e1 2e f5 9d cb 49 7a 11 4e 1c 36 48 a7 77 59 7c 39 2e 7c e7 e3 6d f8 6c 65 b3 d5 de 5e df 6c 6d
                                    Data Ascii: Zom{,zB)4iVio*q&$>mhG4QUVzb1~)<nx4-[h('KD`fsj2B~},zUT|7h[i4F(9>`?1`O/v^0-qOzpx\u/|gl;3-.IzN6HwY|9.|mle^lm
                                    2024-08-29 04:42:34 UTC16384INData Raw: 7b a8 9e 74 a9 5a a4 d2 a6 93 a1 67 65 d3 68 89 fd 88 93 c7 73 8a d0 3c 68 c3 a2 85 cd 11 2c d5 a0 39 ea a4 87 79 47 79 d1 de 01 07 65 18 38 f6 72 b4 57 07 6e 6a dc 1d ba a5 7b 8d 57 c7 b5 e7 f9 f4 f3 2a b8 94 6d 5e 00 db 7c 75 78 d1 f1 80 31 e9 5d c0 37 48 fb ad c6 ee 94 5d b3 3b 34 7e c9 50 1b 7e 0d ff 18 41 2f fc f1 d7 db b6 a8 03 be 57 dd af a4 f1 42 ec c7 77 6c 93 e2 23 c5 ca d6 1f 51 5f d5 65 a2 ce d4 85 07 26 55 2b bd d9 0f 36 d9 2a a6 87 d9 14 ec 58 0d 62 d7 5e 64 c6 3a 90 b8 92 28 99 12 78 3d 8e 6e 85 d5 58 8e 05 53 e5 71 25 82 73 f5 fa 9d e9 21 d1 18 71 6f 28 41 e9 8e bb 64 19 96 fa c8 2b 66 1e 0a af 5d 20 3e bb 3d e8 00 b6 4d df c7 7f 3d 6d 64 60 4a 1c ee 05 21 e0 8f 5d bc fd 39 31 80 0f ed 2f de 78 ba 11 01 9e 38 af da a4 48 18 11 e1 d2 e2 b9
                                    Data Ascii: {tZgehs<h,9yGye8rWnj{W*m^|ux1]7H];4~P~A/WBwl#Q_e&U+6*Xb^d:(x=nXSq%s!qo(Ad+f] >=M=md`J!]91/x8H
                                    2024-08-29 04:42:34 UTC16384INData Raw: e1 d8 ef f7 e0 3c fa cf 07 d3 e4 36 c4 e8 63 95 8e 01 05 5d 5f a2 aa 8f ab 0e 2e e0 35 cb d3 9e 23 48 7c f4 9f 8d 9e 19 d1 ef 3e a0 21 c0 ce ce 9b e1 4b ff c2 fb 88 11 fb a2 8f 88 5f 3f 72 d2 9e 8f 9c 24 19 de 61 c5 e0 ee 0e ff 4c f8 cf 72 67 a7 fc e5 56 17 93 c7 22 1b be 7d 7a 77 77 5a 56 f5 f8 a7 2a 26 20 d0 d7 13 e4 78 4f 05 65 0e 7f 82 ee 9f 31 eb 7b 8b 75 3c 8b a4 11 96 f8 d7 71 12 a0 e7 22 ce ba 58 61 02 ad 50 e7 56 c7 91 24 3c a0 88 16 c6 bd f0 55 2f 22 66 2e 77 f3 f3 12 e8 37 ef c6 a7 86 43 80 56 14 17 ac 70 39 a1 b7 2b 14 4c fc b7 1d c2 a2 a9 6b f1 c6 c5 89 71 e2 81 73 3f 1c 94 e6 7c de ee a2 22 34 1b 38 e7 6d d8 0b 68 7e c5 26 d6 a1 6f bf 6e f9 37 8e 5e 6a f7 02 8e e1 64 9e 70 a8 52 d9 a3 2b d8 1f 5e 85 62 97 5a 5d dc 27 59 8f 0b 9a 6c ab b6 cb
                                    Data Ascii: <6c]_.5#H|>!K_?r$aLrgV"}zwwZV*& xOe1{u<q"XaPV$<U/"f.w7CVp9+Lkqs?|"48mh~&on7^jdpR+^bZ]'Yl
                                    2024-08-29 04:42:34 UTC16384INData Raw: a4 f6 ed 89 b1 07 34 56 37 d3 aa 7d bb 91 f2 55 83 4e 6e 3f 66 0a 7e 92 35 70 7a 90 35 7a 7a f0 8d 53 40 6d 7c ff 79 e0 7d de 78 32 6a d5 43 3e b4 b7 56 10 ae bd 71 78 f5 ef 3f 08 6c f5 1b c7 90 5c d4 f5 06 f2 17 2d 49 d4 f4 e6 43 6a f0 6c f7 82 7c 08 24 f9 30 93 84 92 25 a8 86 17 c6 37 b6 32 44 b9 e9 b1 28 23 29 75 13 e6 1d 4e 44 53 05 9c a6 42 9f ef 52 74 c4 c9 8c ac 40 7b a1 89 05 1e d4 25 96 94 ac 97 9b 33 6e 07 b3 d5 11 28 e7 a0 1a e9 8e 1b 72 0e 4a 9b cc c1 3b 6b 9a 45 56 98 81 18 9f 8b 11 52 62 9f 7d 24 1c 75 e4 66 60 3c 86 11 0f 12 07 88 b4 48 89 95 37 02 09 66 6f 35 fa da 73 23 93 58 05 b8 51 61 5f 89 5c 38 8e 97 df e1 c1 b6 f9 27 eb 59 9f 4c 2b bb d0 11 a6 64 24 b3 02 f2 dc df e4 26 1a 0a b5 17 85 07 d9 a0 17 68 cc ca 77 73 3d 5b f1 49 00 e6 18
                                    Data Ascii: 4V7}UNn?f~5pz5zzS@m|y}x2jC>Vqx?l\-ICjl|$0%72D(#)uNDSBRt@{%3n(rJ;kEVRb}$uf`<H7fo5s#XQa_\8'YL+d$&hws=[I
                                    2024-08-29 04:42:34 UTC16384INData Raw: 32 2b f2 7f 96 e3 c2 fe ac 48 19 2b 8a 94 b1 92 b0 01 db 62 4d 80 99 2f da 77 b6 3f c7 11 6d b0 20 f4 4e 36 fc 78 52 c2 b7 99 01 db e6 9d af 1f 48 37 8b ba 14 7a 36 64 ec 9f 03 99 99 00 57 ad 27 05 72 83 e4 18 29 8b 44 f6 10 29 ab 44 24 31 6d 8d 91 95 41 6a 2c 03 08 d3 63 6c c9 10 f6 42 47 f7 da 41 2b 20 73 14 ad 6a 89 ed 1b 6d 84 d4 66 3e 8c fd ef 3c ae 65 f2 99 fd 8c 1c f9 b9 c5 67 bd 0c 4d 63 49 4d be 86 87 0e 8d 51 af 18 45 1c 8f fe 48 aa 21 35 8e 64 bc df f3 79 44 5f 94 7a 92 a7 11 dd 02 b4 e0 23 a1 ed f3 d0 09 fb a5 ca a6 db 9e bf 9e 39 eb 9e b2 49 d6 87 b2 38 c4 00 47 66 1b 80 5d 0d e3 4a 71 63 81 46 b6 db a5 b2 85 5d 19 2b 7b 6d df c9 d4 b4 b9 fd 0d 37 24 be f2 5f de 8f 51 d7 b9 01 c0 e6 fd a7 f7 fe cb 83 a8 a1 39 2f 76 e6 ad 15 84 5b 8c 01 5f fb
                                    Data Ascii: 2+H+bM/w?m N6xRH7z6dW'r)D)D$1mAj,clBGA+ sjmf><egMcIMQEH!5dyD_z#9I8Gf]JqcF]+{m7$_Q9/v[_
                                    2024-08-29 04:42:34 UTC2483INData Raw: 34 38 63 56 a8 e3 84 c2 9b 05 e6 87 c6 a4 02 8f 47 66 3a f9 c2 76 0c 4d de cb 47 19 e7 58 5f 9b d6 f4 28 9a 4a fc af ad af 4b 69 91 8f 8e 81 4b 89 40 a7 af 97 d3 e6 90 31 2e 27 06 be 55 2b a7 c1 41 79 3c 2e 27 8e 21 31 2f 27 4e 21 31 2d 27 4e 7c 20 b8 4b 69 33 1f 08 ec 52 da c8 07 02 bc 94 76 e3 03 31 5e 4a bb f4 81 da 28 a5 9d fb 40 e2 94 d2 2e 7c 20 8d 4a 69 67 be f5 a4 9c 76 85 0e ef 4a 69 d7 be f5 6d 39 ed 48 46 cb 1b 1f a7 35 eb 8b af 6d 67 bd 47 e1 f8 6e 17 e8 5e 61 df fc 5c a7 ef 5e ef 5b 99 e1 ee 78 dd ee fb c7 4f 1c c8 f9 c6 5f 6f 0d 8e 53 98 fc af ed 75 f8 bc ee be a0 78 82 18 17 70 3d 7a c0 f6 fa a3 7b ea 3e 77 0f dd b7 ee af ee 2b f7 9d 7b f0 3b 34 a2 6f 17 ee 4b 54 e2 cb 32 1d e4 de 7d ef 1f b4 a2 f3 18 78 be 17 1c 1b fa 3b ff a5 24 99 9e f9
                                    Data Ascii: 48cVGf:vMGX_(JKiK@1.'U+Ay<.'!1/'N!1-'N| Ki3Rv1^J(@.| JigvJim9HF5mgGn^a\^[xO_oSuxp=z{>w+{;4oKT2}x;$


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    16192.168.2.44976413.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:34 UTC404OUTGET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:34 UTC738INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:34 GMT
                                    Content-Type: image/x-icon
                                    Content-Length: 17174
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Last-Modified: Sun, 18 Oct 2020 03:02:03 GMT
                                    ETag: 0x8D8731230C851A6
                                    x-ms-request-id: 905b830d-201e-0022-041f-f939e4000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044234Z-165795675767jvm9z21nmtw4wn000000012g00000000mf4b
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:34 UTC15646INData Raw: 00 00 01 00 06 00 80 80 10 00 00 00 00 00 68 28 00 00 66 00 00 00 48 48 10 00 00 00 00 00 e8 0d 00 00 ce 28 00 00 30 30 10 00 00 00 00 00 68 06 00 00 b6 36 00 00 20 20 10 00 00 00 00 00 e8 02 00 00 1e 3d 00 00 18 18 10 00 00 00 00 00 e8 01 00 00 06 40 00 00 10 10 10 00 00 00 00 00 28 01 00 00 ee 41 00 00 28 00 00 00 80 00 00 00 00 01 00 00 01 00 04 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 ba 7f 00 22 50 f2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 22 20 00 00 03 33 33 33 33 33 33 33 33 33 33 33 33 33 33 33
                                    Data Ascii: h(fHH(00h6 =@(A(("P"""""""""""""""""""""""""""""" 333333333333333
                                    2024-08-29 04:42:34 UTC1528INData Raw: 28 00 00 00 20 00 00 00 40 00 00 00 01 00 04 00 00 00 00 00 80 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ff ff ff 00 ef a4 00 00 00 b9 ff 00 00 bc 7b 00 1f 4c f9 00 22 50 f2 00 f7 a6 00 00 00 ba 7f 00 f3 a6 00 00 1e 4e f6 00 23 4e f4 00 f3 a4 00 00 00 bc 7d 00 00 ba 7d 00 00 00 00 00 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22 c0 03 33 33 33 33 33 33 33 22 22 22 22 22 22 22
                                    Data Ascii: ( @{L"PN#N}}"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""3333333"""""""


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    17192.168.2.44976513.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:34 UTC433OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:34 UTC792INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:34 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 116351
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 20 Jun 2024 02:13:44 GMT
                                    ETag: 0x8DC90CE9C53BCDF
                                    x-ms-request-id: d344f831-701e-002f-4dc5-f9f130000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044234Z-16579567576xfl5xzh7yws029s00000001e0000000004zhf
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:34 UTC15592INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ec 7d 5b 5b db 48 b6 e8 fb fe 15 b6 a6 c7 2d c5 85 b1 0d 18 22 23 3c 24 21 3d cc 24 81 0d a4 7b 7a 88 87 4f d8 65 ac c4 96 3c ba 70 69 ec fd db cf 5a ab aa a4 92 2c 83 49 f7 3e e7 e1 4c 7f 1d ac 4b a9 ee b5 ee 97 cd 57 d5 ff aa bc aa 6c ac ff 5f e5 fc e2 f0 ec a2 72 f2 be 72 f1 d7 e3 b3 77 95 53 b8 fb b5 f2 e9 e4 e2 f8 ed d1 fa f5 60 a3 f8 ef 62 ec 45 95 91 37 e1 15 f8 bd 76 23 3e ac 04 7e 25 08 2b 9e 3f 08 c2 59 10 ba 31 8f 2a 53 f8 1b 7a ee a4 32 0a 83 69 25 1e f3 ca 2c 0c be f2 41 1c 55 26 5e 14 c3 47 d7 7c 12 dc 55 4c a8 2e 1c 56 4e dd 30 7e a8 1c 9f 5a 0d a8 9f 43 6d de 8d e7 c3 d7 83 60 f6 00 d7 e3 b8 e2 07 b1 37 e0 15 d7 1f 52 6d 13 b8 f1 23 5e 49 fc 21 0f 2b 77 63 6f 30 ae 7c f4 06 61 10 05 a3 b8 12 f2 01 f7 6e a1 91
                                    Data Ascii: }[[H-"#<$!=${zOe<piZ,I>LKWl_rrwS`bE7v#>~%+?Y1*Sz2i%,AU&^G|UL.VN0~ZCm`7Rm#^I!+wco0|an
                                    2024-08-29 04:42:34 UTC16384INData Raw: a5 01 0a 5b 94 cd 52 c6 46 74 d3 39 25 b9 7f 35 c7 69 98 e2 f0 39 e4 be 20 51 ac 5f 38 0d a8 6c 12 e7 d2 21 0f 8b f4 60 66 b7 1b e9 bd c8 3e aa 1a df 6f 23 91 ab ae b3 9d 12 39 6d 96 6c c2 1f 17 ff 84 f0 a7 c0 5e a6 92 85 16 39 27 8a c0 d7 0d cc 3c f7 f9 d8 8f 5b 9d 37 47 26 7f 15 59 0b da a9 34 ee 91 b3 21 1c 8d 3c 27 ec 7a fb 09 85 42 a7 64 03 31 f3 2c a8 05 6d ad 37 b0 ba 11 1c 07 6f 63 24 7a 2a 9e c0 44 8c 1c cf 62 f0 b8 de d2 4c a2 2b a3 57 11 6d f9 0d 34 46 c4 62 de 86 83 df 32 6c 2e b3 75 0e eb ee 41 22 9c 1f 37 5c 12 96 74 3d 74 72 f2 36 36 32 25 ee 04 55 af 63 78 3a de 77 bb 63 ad 77 75 24 b9 a9 7f 63 e8 d4 04 d1 8f c8 6e 8b c6 6a 59 7e 51 35 7b d9 54 5d 67 4c 6e e8 08 7d 24 9c 79 b4 a5 16 ba 9d f4 dc 02 1d 87 a0 45 16 81 45 3a 08 28 e6 5b 80 bc
                                    Data Ascii: [RFt9%5i9 Q_8l!`f>o#9ml^9'<[7G&Y4!<'zBd1,m7oc$z*DbL+Wm4Fb2l.uA"7\t=tr662%Ucx:wcwu$cnjY~Q5{T]gLn}$yEE:([
                                    2024-08-29 04:42:34 UTC16384INData Raw: 56 a3 cd 69 83 c3 6f ad 0d 06 be 1e 18 2a 71 26 24 3e ca 17 6d 68 13 47 34 51 9e 15 8a ac 0d 12 91 55 d3 11 d8 16 bf a2 56 d7 7a 02 f4 82 62 f8 0d f6 31 ff 7e c3 f3 29 3c 6e 86 a6 1e 78 de 1c e6 34 a4 2d b4 eb 08 5b 68 28 e4 27 ff 14 b8 4b 44 60 66 73 00 6a 32 8a 42 93 09 7e 92 0c 7d 2c 7a 55 96 54 86 01 98 c3 99 9b 7c f3 13 c4 37 68 e6 ee ec ec e2 d1 80 1f 5b fb c8 d2 e2 69 d9 f1 c8 34 46 c5 28 ed 39 9f 3e 0d 60 1e eb 3f e7 9f f2 31 60 ab e1 a7 4f 98 a2 2f 76 eb 5e 30 f4 2d 71 81 4f 02 d6 0d 7a c7 ad a2 1f 70 b7 78 5c ea 75 2f ca 7c 67 ab b9 b5 d7 6c 3b ec 0a 9d b4 92 ae 33 2d e1 2e f5 9d cb 49 7a 11 4e 1c 36 48 a7 77 59 7c 39 2e 7c e7 e3 6d f8 6c 65 b3 d5 de 5e df 6c 6d 6e af bc 88 12 8c f1 02 ad 7d 86 ce af 57 dc 5f 26 69 9c a5 a8 c9 28 3d 87 21 51 01
                                    Data Ascii: Vio*q&$>mhG4QUVzb1~)<nx4-[h('KD`fsj2B~},zUT|7h[i4F(9>`?1`O/v^0-qOzpx\u/|gl;3-.IzN6HwY|9.|mle^lmn}W_&i(=!Q
                                    2024-08-29 04:42:35 UTC16384INData Raw: cd 11 2c d5 a0 39 ea a4 87 79 47 79 d1 de 01 07 65 18 38 f6 72 b4 57 07 6e 6a dc 1d ba a5 7b 8d 57 c7 b5 e7 f9 f4 f3 2a b8 94 6d 5e 00 db 7c 75 78 d1 f1 80 31 e9 5d c0 37 48 fb ad c6 ee 94 5d b3 3b 34 7e c9 50 1b 7e 0d ff 18 41 2f fc f1 d7 db b6 a8 03 be 57 dd af a4 f1 42 ec c7 77 6c 93 e2 23 c5 ca d6 1f 51 5f d5 65 a2 ce d4 85 07 26 55 2b bd d9 0f 36 d9 2a a6 87 d9 14 ec 58 0d 62 d7 5e 64 c6 3a 90 b8 92 28 99 12 78 3d 8e 6e 85 d5 58 8e 05 53 e5 71 25 82 73 f5 fa 9d e9 21 d1 18 71 6f 28 41 e9 8e bb 64 19 96 fa c8 2b 66 1e 0a af 5d 20 3e bb 3d e8 00 b6 4d df c7 7f 3d 6d 64 60 4a 1c ee 05 21 e0 8f 5d bc fd 39 31 80 0f ed 2f de 78 ba 11 01 9e 38 af da a4 48 18 11 e1 d2 e2 b9 26 db 1b f0 d8 de 88 fc 62 15 0d ec a3 d5 da d0 2e 4b e9 b6 dc ae 1f 4f c3 e1 43 3c
                                    Data Ascii: ,9yGye8rWnj{W*m^|ux1]7H];4~P~A/WBwl#Q_e&U+6*Xb^d:(x=nXSq%s!qo(Ad+f] >=M=md`J!]91/x8H&b.KOC<
                                    2024-08-29 04:42:35 UTC16384INData Raw: 35 cb d3 9e 23 48 7c f4 9f 8d 9e 19 d1 ef 3e a0 21 c0 ce ce 9b e1 4b ff c2 fb 88 11 fb a2 8f 88 5f 3f 72 d2 9e 8f 9c 24 19 de 61 c5 e0 ee 0e ff 4c f8 cf 72 67 a7 fc e5 56 17 93 c7 22 1b be 7d 7a 77 77 5a 56 f5 f8 a7 2a 26 20 d0 d7 13 e4 78 4f 05 65 0e 7f 82 ee 9f 31 eb 7b 8b 75 3c 8b a4 11 96 f8 d7 71 12 a0 e7 22 ce ba 58 61 02 ad 50 e7 56 c7 91 24 3c a0 88 16 c6 bd f0 55 2f 22 66 2e 77 f3 f3 12 e8 37 ef c6 a7 86 43 80 56 14 17 ac 70 39 a1 b7 2b 14 4c fc b7 1d c2 a2 a9 6b f1 c6 c5 89 71 e2 81 73 3f 1c 94 e6 7c de ee a2 22 34 1b 38 e7 6d d8 0b 68 7e c5 26 d6 a1 6f bf 6e f9 37 8e 5e 6a f7 02 8e e1 64 9e 70 a8 52 d9 a3 2b d8 1f 5e 85 62 97 5a 5d dc 27 59 8f 0b 9a 6c ab b6 cb cf 9d d2 02 54 b7 02 3a c1 61 cd 1c bd 16 ca 31 ba bc 18 2b b7 8d 96 03 a5 f9 92 c9
                                    Data Ascii: 5#H|>!K_?r$aLrgV"}zwwZV*& xOe1{u<q"XaPV$<U/"f.w7CVp9+Lkqs?|"48mh~&on7^jdpR+^bZ]'YlT:a1+
                                    2024-08-29 04:42:35 UTC16384INData Raw: 35 7a 7a f0 8d 53 40 6d 7c ff 79 e0 7d de 78 32 6a d5 43 3e b4 b7 56 10 ae bd 71 78 f5 ef 3f 08 6c f5 1b c7 90 5c d4 f5 06 f2 17 2d 49 d4 f4 e6 43 6a f0 6c f7 82 7c 08 24 f9 30 93 84 92 25 a8 86 17 c6 37 b6 32 44 b9 e9 b1 28 23 29 75 13 e6 1d 4e 44 53 05 9c a6 42 9f ef 52 74 c4 c9 8c ac 40 7b a1 89 05 1e d4 25 96 94 ac 97 9b 33 6e 07 b3 d5 11 28 e7 a0 1a e9 8e 1b 72 0e 4a 9b cc c1 3b 6b 9a 45 56 98 81 18 9f 8b 11 52 62 9f 7d 24 1c 75 e4 66 60 3c 86 11 0f 12 07 88 b4 48 89 95 37 02 09 66 6f 35 fa da 73 23 93 58 05 b8 51 61 5f 89 5c 38 8e 97 df e1 c1 b6 f9 27 eb 59 9f 4c 2b bb d0 11 a6 64 24 b3 02 f2 dc df e4 26 1a 0a b5 17 85 07 d9 a0 17 68 cc ca 77 73 3d 5b f1 49 00 e6 18 8f 68 05 24 97 aa 6d eb 2e 2c 1d 66 e5 a0 1c 20 4d 8c 25 28 2c 83 02 e3 11 f6 2f d3
                                    Data Ascii: 5zzS@m|y}x2jC>Vqx?l\-ICjl|$0%72D(#)uNDSBRt@{%3n(rJ;kEVRb}$uf`<H7fo5s#XQa_\8'YL+d$&hws=[Ih$m.,f M%(,/


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    18192.168.2.44976613.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:34 UTC620OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:34 UTC818INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:34 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 5531
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 20 Jun 2024 02:13:44 GMT
                                    ETag: 0x8DC90CE9C8E6126
                                    x-ms-request-id: 6baff742-a01e-004e-15c9-f9d273000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044234Z-16579567576pgh4h94c7qn0kuc00000001f0000000001tzq
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache-Info: L2_T2
                                    X-Cache: TCP_REMOTE_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:34 UTC5531INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ad 5b 7d 77 9b 46 d6 ff 7f 3f 05 62 f7 28 b0 19 63 bb 69 9a 2e 2e f5 71 f4 92 a8 b5 63 af 25 b7 9b 4d 72 74 90 18 49 c4 08 28 83 6c ab 96 be fb f3 bb 33 20 90 84 64 a7 cf e6 24 c1 cc dc b9 73 e7 ce 7d bf f8 f0 9f b5 bf 69 ff d4 0e 9e ff 47 eb f6 ce ae 7b da 65 5b eb bd ef 5c 37 b5 2b bc 7d d4 3e 5c f6 3a 8d d6 f3 f1 d0 a6 f4 af 37 f1 85 36 f2 03 ae e1 39 70 05 f7 b4 28 d4 a2 44 f3 c3 61 94 c4 51 e2 a6 5c 68 53 fc 9f f8 6e a0 8d 92 68 aa a5 13 ae c5 49 f4 95 0f 53 a1 05 be 48 b1 68 c0 83 e8 5e 33 80 2e f1 b4 2b 37 49 e7 5a e7 ca b4 80 9f 03 9b 3f f6 43 ac 1e 46 f1 1c 3f 4f 52 2d 8c 52 7f c8 35 37 f4 24 b6 00 2f a1 e0 da 2c f4 78 a2 dd 4f fc e1 44 bb f0 87 49 24 a2 51 aa 25 7c c8 fd 3b 6c 22 66 18 5f df 82 69 6e c2 35 c1 53 6d
                                    Data Ascii: [}wF?b(ci..qc%MrtI(l3 d$s}iG{e[\7+}>\:769p(DaQ\hSnhISHh^3.+7IZ?CF?OR-R57$/,xODI$Q%|;l"f_in5Sm


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    19192.168.2.44976813.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:34 UTC668OUTGET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:34 UTC762INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:34 GMT
                                    Content-Type: image/gif
                                    Content-Length: 2672
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Last-Modified: Wed, 24 May 2023 10:11:47 GMT
                                    ETag: 0x8DB5C3F48EC4154
                                    x-ms-request-id: c8289c95-701e-0062-2dc9-f93edc000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044234Z-16579567576j7nvvu5n0ytgs1c00000001n00000000048yg
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache-Info: L2_T2
                                    X-Cache: TCP_REMOTE_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:34 UTC2672INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 ff ff ff 96 96 96 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 06 00 00 00 30 00 03 00 00 02 1a 8c 01 16 88 ca ec 1e 3c f2 a9 18 1b b5 5b e6 9a 5c 4b 38 6a e5 74 72 a9 67 14 00 21 f9 04 09 03 00 00 00 2c 07 00 00 00 33 00 03 00 00 02 1a 8c 81 16 c8 ca ef 5e 3b 12 2a 0a e2 5c 55 4b df 5d 5c 86 25 e5 56 99 63 aa 14 00 21 f9 04 09 05 00 00 00 2c 0a 00 00 00 37 00 03 00 00 02 1a 8c 81 60 91 b9 ed 0e 6c 6f c6 c5 ee ac 90 5b bf 61 19 02 2a 52 77 7e 69 18 14 00 21
                                    Data Ascii: GIF89a`!NETSCAPE2.0!,`6PlHI:qJk`BYL*&!,0<[\K8jtrg!,3^;*\UK]\%Vc!,7`lo[a*Rw~i!


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    20192.168.2.44976713.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:34 UTC662OUTGET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:34 UTC740INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:34 GMT
                                    Content-Type: image/gif
                                    Content-Length: 3620
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                    ETag: 0x8DB5C3F4904824B
                                    x-ms-request-id: 7759adca-d01e-0012-3638-f9cf39000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044234Z-16579567576txfkctmnqv2e9c4000000011g00000000bwmc
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:34 UTC3620INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 00 00 00 69 69 69 21 f9 04 09 05 00 00 00 21 fe 26 45 64 69 74 65 64 20 77 69 74 68 20 65 7a 67 69 66 2e 63 6f 6d 20 6f 6e 6c 69 6e 65 20 47 49 46 20 6d 61 6b 65 72 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 1f 69 19 07 ec 96 8a b2 51 34 af de bc fb 0f 86 e2 48 96 e6 89 a6 6a 0a 3d 99 6b 39 2d 35 5f f5 8a e7 fa ce f7 fe 0f 8c b4 6a 37 98 a6 28 7b 05 97 cc a6 f3 09 d5 15 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 0f
                                    Data Ascii: GIF89a`iii!!&Edited with ezgif.com online GIF maker!NETSCAPE2.0,`6PlHI:qJk`BYL*&!,`9iQ4Hj=k9-5_j7({!,`9


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    21192.168.2.44977013.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:35 UTC417OUTGET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:35 UTC761INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:35 GMT
                                    Content-Type: image/gif
                                    Content-Length: 3620
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                    ETag: 0x8DB5C3F4904824B
                                    x-ms-request-id: 7759adca-d01e-0012-3638-f9cf39000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044235Z-16579567576rhxz5kgqdm3tfq000000001cg00000000h4zv
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    X-Cache-Info: L1_T2
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:35 UTC3620INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 00 00 00 69 69 69 21 f9 04 09 05 00 00 00 21 fe 26 45 64 69 74 65 64 20 77 69 74 68 20 65 7a 67 69 66 2e 63 6f 6d 20 6f 6e 6c 69 6e 65 20 47 49 46 20 6d 61 6b 65 72 00 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 1f 69 19 07 ec 96 8a b2 51 34 af de bc fb 0f 86 e2 48 96 e6 89 a6 6a 0a 3d 99 6b 39 2d 35 5f f5 8a e7 fa ce f7 fe 0f 8c b4 6a 37 98 a6 28 7b 05 97 cc a6 f3 09 d5 15 00 00 21 f9 04 09 03 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 39 84 0f
                                    Data Ascii: GIF89a`iii!!&Edited with ezgif.com online GIF maker!NETSCAPE2.0,`6PlHI:qJk`BYL*&!,`9iQ4Hj=k9-5_j7({!,`9


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    22192.168.2.44977213.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:35 UTC663OUTGET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:35 UTC806INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:35 GMT
                                    Content-Type: image/svg+xml
                                    Content-Length: 1435
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                    ETag: 0x8DB5C3F4911527F
                                    x-ms-request-id: c92fecb6-c01e-001e-1638-f95831000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044235Z-16579567576fh7f86y3uqsyhx0000000016g00000000g7bb
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    X-Cache-Info: L1_T2
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:35 UTC1435INData Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5
                                    Data Ascii: WMo7+uVHJ{&v(QFaWQ|~|{~b{8zv8|bgxby{x<\lSppl7o}vtrr|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    23192.168.2.44977113.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:35 UTC423OUTGET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:35 UTC755INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:35 GMT
                                    Content-Type: image/gif
                                    Content-Length: 2672
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Last-Modified: Wed, 24 May 2023 10:11:47 GMT
                                    ETag: 0x8DB5C3F48EC4154
                                    x-ms-request-id: c8289c95-701e-0062-2dc9-f93edc000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044235Z-16579567576fh7f86y3uqsyhx000000001d00000000000ev
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache-Info: L1_T2
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:35 UTC2672INData Raw: 47 49 46 38 39 61 60 01 03 00 f0 00 00 ff ff ff 96 96 96 21 ff 0b 4e 45 54 53 43 41 50 45 32 2e 30 03 01 00 00 00 21 f9 04 09 05 00 00 00 2c 00 00 00 00 60 01 03 00 00 02 36 84 1d a9 b7 07 ed 50 8a 6c d2 8b b3 de bc fb 0f 86 e2 48 96 e6 89 a2 0a 04 49 01 d6 3a 71 4a d7 f6 8d e7 fa ce 6b ab f5 00 ba 60 42 59 b1 87 4c 2a 97 cc 26 af 00 00 21 f9 04 09 05 00 00 00 2c 06 00 00 00 30 00 03 00 00 02 1a 8c 01 16 88 ca ec 1e 3c f2 a9 18 1b b5 5b e6 9a 5c 4b 38 6a e5 74 72 a9 67 14 00 21 f9 04 09 03 00 00 00 2c 07 00 00 00 33 00 03 00 00 02 1a 8c 81 16 c8 ca ef 5e 3b 12 2a 0a e2 5c 55 4b df 5d 5c 86 25 e5 56 99 63 aa 14 00 21 f9 04 09 05 00 00 00 2c 0a 00 00 00 37 00 03 00 00 02 1a 8c 81 60 91 b9 ed 0e 6c 6f c6 c5 ee ac 90 5b bf 61 19 02 2a 52 77 7e 69 18 14 00 21
                                    Data Ascii: GIF89a`!NETSCAPE2.0!,`6PlHI:qJk`BYL*&!,0<[\K8jtrg!,3^;*\UK]\%Vc!,7`lo[a*Rw~i!


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    24192.168.2.44976913.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:35 UTC435OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:35 UTC811INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:35 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 5531
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 20 Jun 2024 02:13:44 GMT
                                    ETag: 0x8DC90CE9C8E6126
                                    x-ms-request-id: 6baff742-a01e-004e-15c9-f9d273000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044235Z-16579567576j7nvvu5n0ytgs1c00000001g000000000fhts
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache-Info: L1_T2
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:35 UTC5531INData Raw: 1f 8b 08 00 00 00 00 00 04 00 ad 5b 7d 77 9b 46 d6 ff 7f 3f 05 62 f7 28 b0 19 63 bb 69 9a 2e 2e f5 71 f4 92 a8 b5 63 af 25 b7 9b 4d 72 74 90 18 49 c4 08 28 83 6c ab 96 be fb f3 bb 33 20 90 84 64 a7 cf e6 24 c1 cc dc b9 73 e7 ce 7d bf f8 f0 9f b5 bf 69 ff d4 0e 9e ff 47 eb f6 ce ae 7b da 65 5b eb bd ef 5c 37 b5 2b bc 7d d4 3e 5c f6 3a 8d d6 f3 f1 d0 a6 f4 af 37 f1 85 36 f2 03 ae e1 39 70 05 f7 b4 28 d4 a2 44 f3 c3 61 94 c4 51 e2 a6 5c 68 53 fc 9f f8 6e a0 8d 92 68 aa a5 13 ae c5 49 f4 95 0f 53 a1 05 be 48 b1 68 c0 83 e8 5e 33 80 2e f1 b4 2b 37 49 e7 5a e7 ca b4 80 9f 03 9b 3f f6 43 ac 1e 46 f1 1c 3f 4f 52 2d 8c 52 7f c8 35 37 f4 24 b6 00 2f a1 e0 da 2c f4 78 a2 dd 4f fc e1 44 bb f0 87 49 24 a2 51 aa 25 7c c8 fd 3b 6c 22 66 18 5f df 82 69 6e c2 35 c1 53 6d
                                    Data Ascii: [}wF?b(ci..qc%MrtI(l3 d$s}iG{e[\7+}>\:769p(DaQ\hSnhISHh^3.+7IZ?CF?OR-R57$/,xODI$Q%|;l"f_in5Sm


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    25192.168.2.44977440.126.28.184434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:35 UTC727OUTGET /b2a7b211-552b-4fc5-ad0d-b35b3a237e3e/winauth/ssoprobe?client-request-id=de01a722-6f49-4599-ab7d-ff51aec23674&_=1724906554053 HTTP/1.1
                                    Host: autologon.microsoftazuread-sso.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:36 UTC1183INHTTP/1.1 401 Unauthorized
                                    Cache-Control: no-store, no-cache
                                    Pragma: no-cache
                                    Content-Type: image/png; charset=utf-8
                                    Expires: -1
                                    Vary: Origin
                                    X-Content-Type-Options: nosniff
                                    Access-Control-Allow-Origin: https://login.microsoftonline.com
                                    Access-Control-Allow-Credentials: true
                                    Access-Control-Allow-Methods: GET, OPTIONS
                                    P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                    x-ms-request-id: 198b4992-bcb1-4bb4-9bdb-4485cae90e00
                                    x-ms-ests-server: 2.1.18794.6 - AUELR2 ProdSlices
                                    report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+chi"}]}
                                    nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
                                    Referrer-Policy: strict-origin-when-cross-origin
                                    X-XSS-Protection: 0
                                    WWW-Authenticate: Negotiate
                                    Set-Cookie: fpc=Ap2r3Ta-4q1KkwZUfRcAuYU; expires=Sat, 28-Sep-2024 04:42:36 GMT; path=/; secure; HttpOnly; SameSite=None
                                    Set-Cookie: x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
                                    Set-Cookie: stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
                                    Date: Thu, 29 Aug 2024 04:42:35 GMT
                                    Connection: close
                                    Content-Length: 12
                                    2024-08-29 04:42:36 UTC12INData Raw: 55 6e 61 75 74 68 6f 72 69 7a 65 64
                                    Data Ascii: Unauthorized


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    26192.168.2.449773152.199.21.1754434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:35 UTC701OUTGET /81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=637640617494988131 HTTP/1.1
                                    Host: aadcdn.msauthimages.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:37 UTC654INHTTP/1.1 200 OK
                                    Accept-Ranges: bytes
                                    Access-Control-Allow-Origin: *
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                    Cache-Control: public, max-age=86400
                                    Content-MD5: hBKm90sZaYHTvuJmsXvHVg==
                                    Content-Type: image/*
                                    Date: Thu, 29 Aug 2024 04:42:36 GMT
                                    Etag: 0x8D95AC3644BF561
                                    Last-Modified: Sun, 08 Aug 2021 23:22:29 GMT
                                    Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                    X-Content-Type-Options: nosniff
                                    x-ms-blob-type: BlockBlob
                                    x-ms-lease-status: unlocked
                                    x-ms-request-id: a780244c-401e-002b-05cd-f9fa78000000
                                    x-ms-version: 2009-09-19
                                    Content-Length: 141233
                                    Connection: close
                                    2024-08-29 04:42:37 UTC16383INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 0a 07 07 08 07 06 0a 08 08 08 0b 0a 0a 0b 0e 18 10 0e 0d 0d 0e 1d 15 16 11 18 23 1f 25 24 22 1f 22 21 26 2b 37 2f 26 29 34 29 21 22 30 41 31 34 39 3b 3e 3e 3e 25 2e 44 49 43 3c 48 37 3d 3e 3b ff db 00 43 01 0a 0b 0b 0e 0d 0e 1c 10 10 1c 3b 28 22 28 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b ff c2 00 11 08 02 a6 03 f9 03 01 22 00 02 11 01 03 11 01 ff c4 00 1b 00 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 04 00 01 02 03 05 06 07 ff c4 00 18 01 01 01 01 01 01 00 00 00 00 00 00 00 00 00 00 00 01 00 02 03 04 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 bd 8c af db e3 15 88 a7 7c
                                    Data Ascii: JFIFHHC#%$""!&+7/&)4)!"0A149;>>>%.DIC<H7=>;C;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"|
                                    2024-08-29 04:42:37 UTC16383INData Raw: b7 4f 8a b3 09 94 05 b4 f2 b1 45 ce 2c a9 0a 59 46 97 a2 84 6a e7 64 39 0e 09 b2 e7 b1 ed e7 5d 4f a8 e4 58 1e c5 eb 1b 77 c6 c7 ad f1 aa a4 3e 4b 61 d6 d3 2a 91 8f 65 16 f9 b2 ee bc 6a 72 aa 6c 53 75 5d 98 ed b1 62 7e 7c 9c 74 44 b7 55 35 8f 75 8d d9 f8 f1 e8 a3 a2 9c 6b b4 b6 0e d6 08 54 d2 16 db d4 f4 2d f5 a8 a9 c0 5a 9f 61 d7 94 73 b3 91 f1 9b 41 f5 10 ca c3 26 9e 74 db 86 d3 8d e8 70 7b 54 e8 4a 2f f0 b6 6e 5b 67 48 cb b1 9d 52 a3 55 96 d8 dd 14 f1 64 ca a6 b0 4f e0 cb 7c 8f 2c c6 57 95 c1 4b 83 4b 20 5b f1 ed e3 5a 15 45 b7 3d 78 61 f8 aa fa 39 e6 7b 0b 9a 50 78 e3 5b 2b ad 04 eb 41 2b 40 17 29 d5 32 6d b5 bb b1 c0 ba 6c 63 bd 34 d3 7e 35 16 58 5d 74 c8 fa 57 d1 b3 07 05 34 af e3 2b 2b 35 91 ab c9 2a d8 37 f6 d9 6f e2 29 79 a3 22 cd 64 13 4d b4 85
                                    Data Ascii: OE,YFjd9]OXw>Ka*ejrlSu]b~|tDU5ukT-ZasA&tp{TJ/n[gHRUdO|,WKK [ZE=xa9{Px[+A+@)2mlc4~5X]tW4++5*7o)y"dM
                                    2024-08-29 04:42:37 UTC16383INData Raw: cb 2c 51 7c 9a 5a 65 61 51 ea 7b 86 25 1d 42 1f 30 8e 8b 86 26 b0 ea 1a 2a 19 47 02 38 97 d8 9d cd 8c be 0a c3 a3 d9 63 13 e2 c6 9b 3b 28 ab 29 45 0b 89 63 e3 ca dd 16 21 b8 f5 35 0a 7d 95 1b b9 2c f5 c1 a5 09 0c ba 2f 14 aa 28 62 8a 86 23 52 b3 f4 32 f9 9f 63 47 25 8a 5a 8a 3d 16 5f 02 47 05 c7 50 a1 e3 ee 69 94 22 c4 d9 62 86 93 34 95 63 e0 5c 8d 50 97 89 e0 a3 47 65 09 73 9a 2c a3 50 a1 96 23 83 d9 47 a2 e2 cb c1 f4 26 38 62 51 73 42 e0 a1 56 5e a6 a2 c6 a1 0a 3d 42 e4 70 94 24 ee 2f 35 67 22 36 95 9d 66 e1 0d 88 b2 c6 59 c0 e2 c6 5e 1e e2 b1 71 42 28 5f b8 43 85 1c 61 65 cd 0e 6e 2c f6 38 51 62 e1 14 69 43 84 e5 45 cd 33 88 6b 04 26 cb 97 85 e5 65 c2 95 2b 05 82 fd cb e1 89 d9 48 43 94 bc 54 76 50 e3 a8 ea 1a b1 74 3e 4a 43 3d 45 64 cf 63 ca aa 54 50
                                    Data Ascii: ,Q|ZeaQ{%B0&*G8c;()Ec!5},/(b#R2cG%Z=_GPi"b4c\PGes,P#G&8bQsBV^=Bp$/5g"6fY^qB(_Caen,8QbiCE3k&e+HCTvPt>JC=EdcTP
                                    2024-08-29 04:42:37 UTC16383INData Raw: 12 07 0a 99 bf 48 6f b8 5c 20 e7 15 ed 5a 6c fd d9 0a 59 65 7e a5 fb 26 86 e5 4b a2 50 a7 1b ab f6 af 78 3e 14 66 15 86 10 da 54 2b 15 75 c8 e9 9c ab 64 7e 0f 8e 94 84 e2 72 ed d3 aa 1d a0 4c f4 15 05 50 62 f6 21 3f 60 9c 3a 5e ea cc 10 a5 c4 34 a9 38 e5 48 28 fe d5 a8 22 20 f6 a7 87 48 52 1f da b2 8c 94 f7 1d 4a 5a 7c a2 09 16 bd 8a 2e bd fc 28 bc ae 15 55 4a 0e 74 5d 57 a4 21 e0 cc 72 a3 83 74 27 74 7f 85 01 b6 45 a5 b9 56 b8 40 1e 84 55 70 b8 f8 5d a2 07 25 16 cc aa 80 ca 84 5e 76 0a 5d ee 7d dc 83 f4 ec 26 e8 f1 d5 d1 b1 42 b3 47 01 01 7b 74 b2 f5 98 6c 72 16 a1 de 55 f1 f8 1d e5 11 2a 17 82 aa d9 1e a2 51 3f b6 e8 c7 28 78 47 69 dc af 53 4f b7 e1 38 6a 72 99 05 04 48 3d ae 43 4f 72 8c fc 2e e2 af 78 de 32 80 69 b7 e1 85 ea 01 f2 a1 52 a0 cc f2 8b eb
                                    Data Ascii: Ho\ ZlYe~&KPx>fT+ud~rLPb!?`:^48H(" HRJZ|.(UJt]W!rt'tEV@Up]%^v]}&BG{tlrU*Q?(xGiSO8jrH=COr.x2iR
                                    2024-08-29 04:42:37 UTC16383INData Raw: 46 a6 84 0d ce 49 42 98 62 0b b1 4d bc 65 0a f6 d2 ba 85 03 9d b5 22 f5 0d 68 45 8a 0f b1 8a c5 d8 19 67 58 c1 bb 7b 94 94 7f 80 3f 10 45 2d 81 ee 34 a1 65 ae 55 69 e2 6f e9 0b 5e d1 93 a8 87 ae 3b 97 67 97 ef 19 d4 5d a3 e5 0a 83 88 e0 b5 e4 85 ec 3b 37 01 f8 92 f3 08 65 63 f3 91 64 ad 06 c9 f8 45 12 bb fa 43 0b 5a 9f eb 51 2b 72 ac ac 80 17 86 4f 33 30 a6 2c cb 4e c8 70 a1 2b 12 82 af 48 d6 1d ea e5 91 56 45 b5 2f e3 90 0c 1f 0c 15 0b 27 33 51 ae 10 fd 1a 96 6d d4 64 88 57 8b 3a 9e 2d 88 6e 93 14 ed b8 45 95 a3 0d 1a 62 85 0b d7 7e 20 6c cc 2c 15 c2 1c 01 2d a9 f7 c6 72 06 8e 0b 04 9d 82 0c 5b 1b b0 f3 2c 1a 5a 62 63 30 5e 49 b8 a0 d3 dc b6 0a 0c c7 11 fe 0d 18 62 06 ae 2a d3 a6 60 6a ad a1 ac cb 47 8c 77 3f e0 4c 5a 57 4a a9 be 8b b6 e3 55 6a 56 1c 82
                                    Data Ascii: FIBbMe"hEgX{?E-4eUio^;g];7ecdECZQ+rO30,Np+HVE/'3QmdW:-nEb~ l,-r[,Zbc0^Ib*`jGw?LZWJUjV
                                    2024-08-29 04:42:37 UTC16383INData Raw: e4 2f d0 69 a9 00 fc 69 16 a2 1a fa 17 da 3b 8b b0 20 4e 80 ad 8a 4c 26 cc c1 a7 38 b7 3a 26 ab 0b 56 4e 0c 30 f2 eb 8e 38 e3 8a 08 20 82 42 4f 6d 30 2c b2 cb 2f 1a c9 48 e3 c7 51 5b 74 16 9d 5c 51 bb 8a c9 3c c1 3b c0 fa 47 02 5d d6 58 0f 7c 42 b7 58 66 04 f2 f3 df 7f ef 7c a0 83 1c f3 df e8 00 02 60 00 49 00 1f 85 fd ea 8e 88 1f 22 a6 d3 c7 d2 fe 62 9c 7e 2b 65 0b 27 4a dc ee b8 0b b4 28 6f fe 3b c1 9b ca d0 08 43 0d 31 c3 0e 20 08 20 82 08 20 81 17 cf 37 bb c9 96 e2 45 2e cc 7a f5 10 5b 35 28 63 e9 90 27 f7 b5 c6 a4 4c c6 20 24 21 b6 0b 7c d4 3d c9 3a 34 10 00 04 11 4d b4 10 40 00 08 0f d2 51 1b e2 7c 99 a9 73 9a c9 5d 8f e4 48 72 16 54 04 7e 22 2c 0c a9 da 57 dd 20 39 1d ae 0b 00 53 df bf 5a df 4d be cb 2c b2 cb e3 8e 09 21 2d 29 35 e6 fc ec f4 e5 7a
                                    Data Ascii: /ii; NL&8:&VN08 BOm0,/HQ[t\Q<;G]X|BXf|`I"b~+e'J(o;C1 7E.z[5(c'L $!|=:4M@Q|s]HrT~",W 9SZM,!-)5z
                                    2024-08-29 04:42:37 UTC16383INData Raw: 74 00 09 4b d5 9c d4 c2 5d aa 84 1d 5f 30 13 da 35 4a c5 58 7e f1 44 5c 6d 2f 47 37 e2 ea 65 55 e0 53 c1 99 98 30 40 0e 0b af f5 ce e8 e9 7a 05 5f 1b 8c c0 f0 50 40 39 6e 59 74 14 03 40 ca 4f 9f a8 68 0c 34 50 7c c3 86 93 23 4f 23 1a c9 1b f0 06 01 56 70 bb cf c4 52 ee 81 b7 00 96 5e 5c 56 08 15 57 61 ac ec 8e 2b 57 09 2d 22 81 80 ee f7 9f 70 08 42 d8 42 01 cb fd 4b a0 d4 98 fe 0a eb 24 43 02 12 5c 76 cf 2c cb 0d 14 02 52 1e 49 f5 17 1c 05 50 53 af 70 75 4a 50 39 50 2b f7 96 15 2d 9a dd b4 d7 8b cc 07 13 02 36 98 69 f3 09 80 04 ca a2 ca ee 33 21 d9 4d 0a d3 54 73 88 50 40 36 1a 56 3c 4b 84 55 7a b5 62 dd 91 a4 79 18 09 2b 1d 17 7a 8b 9f ad a1 8a 51 6a dd 7d ca 84 24 d2 5b 48 d3 c4 c9 25 44 ec a0 ac 31 c6 a2 fb 7a b9 78 a4 35 5f b4 aa b6 55 88 4a a1 6b 75
                                    Data Ascii: tK]_05JX~D\m/G7eUS0@z_P@9nYt@Oh4P|#O#VpR^\VWa+W-"pBBK$C\v,RIPSpuJP9P+-6i3!MTsP@6V<KUzby+zQj}$[H%D1zx5_UJku
                                    2024-08-29 04:42:37 UTC16383INData Raw: 2d 6a f1 f1 14 81 52 fa fa 69 f8 5c 01 88 1c 96 cb 5e 0b 7e 23 36 f8 2c cb d9 5d b1 01 56 17 58 37 fb 03 ca e6 31 00 87 60 17 d3 2b 8c 86 70 a2 23 5d f1 f2 c6 0e 87 46 e8 28 bf 4f d1 3b 13 1b ca 36 06 00 e0 84 56 92 d8 db 9f 3e e1 ca d5 a5 05 d3 5d e5 8f 92 98 9a 18 2c e6 ed f8 8f 33 eb 09 bd 71 6e 2e 31 a4 1b 17 59 ce d9 ca c4 6a 55 f9 9b 23 b8 6d 64 5e 92 be 60 c5 ce 53 76 11 af cd 4a 2d f6 2c 78 b2 91 e2 1d 98 e2 08 bb c9 72 d8 f6 05 61 f0 ec ee 27 c0 0c 4d 82 de e8 20 2d 88 c9 36 f9 86 fa 74 1a 95 c6 de 7d 5f 4c 2c 35 9b d2 f2 f7 08 40 c2 ea f1 74 f8 80 ad 91 53 07 2b 7e a0 f5 14 a0 26 a5 fc 45 32 22 ad 56 1c 07 b6 9f 8f 31 6c dd 52 02 4c 5d ee 56 c1 57 00 c6 b2 7d 4b 0b c1 ac 15 81 c6 38 cf b9 5a 16 24 98 aa d3 f1 1b e9 90 73 67 76 6e af f6 82 74 79
                                    Data Ascii: -jRi\^~#6,]VX71`+p#]F(O;6V>],3qn.1YjU#md^`SvJ-,xra'M -6t}_L,5@tS+~&E2"V1lRL]VW}K8Z$sgvnty
                                    2024-08-29 04:42:37 UTC10169INData Raw: 58 94 62 1e 0c 01 f1 50 46 05 86 bf 35 2e 5d 54 55 c0 c4 a2 4e 01 5e ef a8 c6 c2 95 51 f6 20 52 86 7e bf f6 6e 03 17 01 bc 6f c1 0a ca 49 a6 1a c9 4c cb e1 2a d2 db 17 ae 2c 13 1e c8 af 60 af 35 a6 af dc 53 80 b7 24 6a b7 bb 87 10 1f 28 d0 5a 9c 1f 33 c0 94 82 01 2b 05 67 f6 e6 33 d7 6a 5d 25 e9 f8 83 63 05 8d b8 f3 2e 85 ed 76 ea 61 9a 6e af 8f 11 3f 6a 16 48 a6 0c 6d f3 1d a1 a3 65 e0 85 2a 69 55 07 29 07 31 de a6 83 39 92 ea 89 77 13 aa 5a a0 b2 a7 2f 22 ba ab 88 35 91 82 6b 39 f7 dc 6a ea d8 80 c7 6c 42 35 ed d7 67 f6 ca 7f 82 9b 2b 7e d7 b9 ab 23 a6 96 21 d8 8a 86 30 40 e0 e9 4f b9 68 1c b8 bc ca 44 ba f7 f5 0d 23 02 f7 2a 2e 3d 50 16 9e 65 34 9a 07 01 bc 7d 3f 32 9b 09 6a a8 7b 7f c1 99 49 4e 51 9c c0 0d 7c 54 00 65 e2 15 be a0 8a a4 9a 27 cd 15 ba
                                    Data Ascii: XbPF5.]TUN^Q R~noIL*,`5S$j(Z3+g3j]%c.van?jHme*iU)19wZ/"5k9jlB5g+~#!0@OhD#*.=Pe4}?2j{INQ|Te'


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    27192.168.2.44977613.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:36 UTC418OUTGET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:36 UTC785INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:36 GMT
                                    Content-Type: image/svg+xml
                                    Content-Length: 1435
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                    ETag: 0x8DB5C3F4911527F
                                    x-ms-request-id: c92fecb6-c01e-001e-1638-f95831000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044236Z-16579567576xfl5xzh7yws029s000000019000000000hfcq
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:36 UTC1435INData Raw: 1f 8b 08 00 00 00 00 00 04 00 bd 57 4d 6f 1c 37 0c fd 2b 8b ed 75 56 96 48 4a a2 0a db 80 7b f2 c1 be fa 90 db b6 b1 b3 06 ec 26 88 17 76 fa ef fb 28 51 b3 46 91 a2 c9 a5 b0 f7 61 57 1c 51 fc 7c e2 9c bf bc 7e da 7c 7b 7e fa f3 e5 62 7b 38 1e bf fc 7a 76 f6 f6 f6 16 de 38 7c fe fa e9 8c 62 8c 67 78 62 bb 79 7b fc 78 3c 5c 6c 53 d4 ed e6 70 ff f8 e9 70 bc d8 92 6c 37 af 8f f7 6f bf 7d fe 76 b1 8d 9b b8 81 74 83 c5 cb f3 e3 e3 f1 e9 fe 72 ff f2 72 7f 7c 39 3f 1b bf ce bf ec 8f 87 cd c7 8b ed ad 48 50 2e 8b 84 72 97 34 c8 61 47 41 ee 6a c8 ca d7 82 af 37 ac 21 a5 b6 98 ec 9a 4b c8 9c 6e 98 42 12 5a fa 43 87 5d 88 d4 fa d6 6b 6a a1 dd 41 d1 81 83 70 b9 e1 1a 78 49 a6 fe 10 62 d6 1b 49 21 4b b6 93 3e 3c d3 92 42 94 b6 4f 81 8a 2e 03 23 fe d2 12 24 b5 5d 68 a5
                                    Data Ascii: WMo7+uVHJ{&v(QFaWQ|~|{~b{8zv8|bgxby{x<\lSppl7o}vtrr|9?HP.r4aGAj7!KnBZC]kjApxIbI!K><BO.#$]h


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    28192.168.2.44977913.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:37 UTC663OUTGET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: image
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:37 UTC784INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:37 GMT
                                    Content-Type: image/svg+xml
                                    Content-Length: 621
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                    ETag: 0x8DB5C3F49ED96E0
                                    x-ms-request-id: 7b2f4d68-201e-0053-7851-f9e062000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044237Z-16579567576fh7f86y3uqsyhx0000000018000000000bsqv
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:37 UTC621INData Raw: 1f 8b 08 00 00 00 00 00 04 00 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b 4c 68 af a1 b8
                                    Data Ascii: }UMo"1+G; 8lM$UAWUaX`'=|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;Lh


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    29192.168.2.44978013.107.246.734434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:37 UTC624OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: script
                                    Referer: https://login.microsoftonline.com/
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:37 UTC797INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:37 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 35167
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 20 Jun 2024 02:13:45 GMT
                                    ETag: 0x8DC90CE9CFCD37E
                                    x-ms-request-id: de79a0e0-201e-0021-7437-f9e72d000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044237Z-16579567576pg4fvvmc18u0v4g00000001fg000000007cxv
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:37 UTC15587INData Raw: 1f 8b 08 00 00 00 00 00 04 00 c4 bd 6b 43 db 48 b2 30 fc fd f9 15 e0 9d 65 ac b5 00 df 30 18 70 58 06 92 49 76 33 93 9c 5c 66 cf 2e 30 59 59 96 6d 0d b2 65 24 99 4b 02 cf 6f 7f eb d2 97 6a c9 90 cc 9c 67 df 33 e7 6c 70 57 df aa ab ab ab ab aa ab 5b db 7f 59 ff 3f 6b 7f 59 db fc f6 ff d6 de 7f 38 7e f7 61 ed cd 8b b5 0f 2f 5f bd 3b 5d 7b 0b a9 7f ae fd fc e6 c3 ab 93 e7 df de 0e 76 8a ff fb 30 8d f3 b5 71 9c 44 6b f0 77 18 e4 d1 68 2d 9d af a5 d9 5a 3c 0f d3 6c 91 66 41 11 e5 6b 33 f8 37 8b 83 64 6d 9c a5 b3 b5 62 1a ad 2d b2 f4 b7 28 2c f2 b5 24 ce 0b a8 34 8c 92 f4 66 ad 0e cd 65 a3 b5 b7 41 56 dc ad bd 7a eb 6d 41 fb 11 b4 16 4f e2 39 d4 0e d3 c5 1d fc 9e 16 6b f3 b4 88 c3 68 2d 98 8f a8 b5 04 12 f3 3c 5a 5b ce 47 51 b6 76 33 8d c3 e9 da 4f 71 98 a5 79
                                    Data Ascii: kCH0e0pXIv3\f.0YYme$Kojg3lpW[Y?kY8~a/_;]{v0qDkwh-Z<lfAk37dmb-(,$4feAVzmAO9kh-<Z[GQv3Oqy
                                    2024-08-29 04:42:37 UTC16384INData Raw: 62 3f 6c d2 9f 17 f8 6f fb 98 12 6d ca e9 35 29 c1 8f fd f5 7a 9c 80 62 2f 9e bf c0 7f 5f bc e8 6f d2 9f 1f 2e ee cf 97 a7 60 28 9c c1 9f 93 1f 4e f1 df 93 53 06 b6 5f 10 f0 18 9b 82 3f 1d 86 76 a8 e8 e9 6e 67 93 fe 1c 13 f4 87 6e 93 ca 36 5b f8 6f 9b 6b ec be b8 d8 a6 51 b7 be 46 54 9a 87 d7 f1 fc f2 75 30 8c 12 a6 23 6e 83 36 e3 34 ca 8b 78 4e 8f 36 70 76 c7 c9 fe 10 17 49 c4 19 5d a6 74 fb f7 1b 06 d6 3f 68 0c 77 dc a3 42 52 c6 f3 9f 82 5b 50 f6 e8 27 89 62 fa 35 40 0b 7d 3e 68 1d 50 ea 30 3c 20 36 ec 77 40 f6 83 82 01 ec 9d 85 52 ae 52 29 dc ca d0 7b b8 b9 39 f7 be e0 f6 ae 24 18 54 8c b9 7d 60 f1 d9 08 64 02 be 87 b0 95 5f c6 8b 0f e9 65 84 cb cd ef e3 6e 97 7a 54 74 c0 85 37 5b de bc d1 30 9e af cc b0 3c e1 b7 f4 37 5b 0f da 8b 01 cb 29 e0 4a e8 cc
                                    Data Ascii: b?lom5)zb/_o.`(NS_?vngn6[okQFTu0#n64xN6pvI]t?hwBR[P'b5@}>hP0< 6w@RR){9$T}`d_enzTt7[0<7[)J
                                    2024-08-29 04:42:37 UTC3196INData Raw: 1a c5 36 65 24 65 6c 49 0f fb f5 ae 8b 39 af bd 9d 61 77 65 05 ed d7 d3 02 8f 2a 24 e3 8c 33 d4 2e a8 2b 10 7f 09 1e df 70 01 67 5d 99 df 6e 0c fb 5e e1 91 97 41 8b 0c a8 c9 fe 8d cc 73 b7 53 8e e9 3a 34 77 9e 45 2b ef ec 74 19 f0 8d b3 7c 3e 09 f6 86 8c 6d f3 96 3d 09 ef 1d 6d 76 3c 76 22 86 62 6a d5 37 94 37 b1 1e 4d a8 9b 88 ca 1e 85 6f f4 5e e4 95 d5 e6 da 28 20 28 55 1f c5 39 1a 50 e3 2f d5 e6 b5 5e 6b 54 aa 15 a6 83 10 c2 eb d5 56 83 85 d7 6b c5 62 03 c3 e9 65 f8 5c 67 bf 17 78 27 80 5f d5 48 08 cb 5c a4 8c 4d f4 97 48 27 af 88 28 55 29 a6 52 0a 92 96 ca 0d 0a 2a d5 5a 2a 1a 18 32 bb a5 12 da f3 28 a9 ec 5f 4c 35 06 59 7d a3 e2 c4 db 35 55 20 1b 79 a9 46 cd 75 2e 7b 9d e6 2f e7 66 d0 3b 69 f7 2b d8 ee c7 57 e2 4d a1 62 a3 30 9d 66 26 e7 92 45 90 69
                                    Data Ascii: 6e$elI9awe*$3.+pg]n^AsS:4wE+t|>m=mv<v"bj77Mo^( (U9P/^kTVkbe\gx'_H\MH'(U)R*Z*2(_L5Y}5U yFu.{/f;i+WMb0f&Ei


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    30192.168.2.44978513.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:38 UTC418OUTGET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:38 UTC806INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:38 GMT
                                    Content-Type: image/svg+xml
                                    Content-Length: 621
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                    ETag: 0x8DB5C3F49ED96E0
                                    x-ms-request-id: a70f47e5-b01e-0023-78c9-f95995000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044238Z-16579567576p25xcxh3nycmsaw00000000z000000000n4b7
                                    x-fd-int-roxy-purgeid: 0
                                    X-Cache-Info: L2_T2
                                    X-Cache: TCP_REMOTE_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:38 UTC621INData Raw: 1f 8b 08 00 00 00 00 00 04 00 7d 55 4d 6f 22 31 0c fd 2b a3 d9 ab 93 c9 f7 47 3b 20 cd 9e 38 6c af 1c b8 4d 0b 05 24 0a 55 19 41 57 ab fe f7 b5 93 a0 55 61 58 0d d8 60 27 ef 3d db 09 b4 c7 d3 ba fa 7c db ed 8f 93 7a 33 0c ef 0f 4d 73 3e 9f f9 59 f3 c3 c7 ba 51 42 88 06 57 d4 d5 79 bb 1c 36 93 da 84 ba da ac b6 eb cd 90 3f 9f b6 ab f3 cf c3 e7 a4 16 95 a8 4c c0 57 3d 6d 97 ab d7 e3 b4 3d 0e bf 77 ab 29 ef ff bc 6e 77 bb 87 fd 61 bf 7a fc e2 cf f9 db 0f 23 e8 79 fc 6a 9b bc ac 6d f2 a6 8f d5 cb 50 bd ec fa 23 ca e9 ef b1 36 d3 f6 bd 1f 36 97 75 cf 75 b5 9c d4 4f 46 80 56 dc fa 30 37 62 a6 d5 5c bb 99 0a 73 ad 66 ca cc 55 e0 de b9 4e 0a ee 42 84 e2 04 3e 12 64 04 2d 7a 0c a5 78 89 32 cb ad f1 4c 72 0b 52 72 29 dc c5 e5 ac e2 4a 46 cc 7a 19 3b 4c 68 af a1 b8
                                    Data Ascii: }UMo"1+G; 8lM$UAWUaX`'=|z3Ms>YQBWy6?LW=m=w)nwaz#yjmP#66uuOFV07b\sfUNB>d-zx2LrRr)JFz;Lh


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    31192.168.2.449784152.199.21.1754434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:38 UTC456OUTGET /81d6b03a-0oaqvemumiggapupispz73q-euqm382uqpsqys7gkkc/logintenantbranding/0/illustration?ts=637640617494988131 HTTP/1.1
                                    Host: aadcdn.msauthimages.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:38 UTC648INHTTP/1.1 200 OK
                                    Accept-Ranges: bytes
                                    Access-Control-Allow-Origin: *
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
                                    Age: 2
                                    Cache-Control: public, max-age=86400
                                    Content-MD5: hBKm90sZaYHTvuJmsXvHVg==
                                    Content-Type: image/*
                                    Date: Thu, 29 Aug 2024 04:42:38 GMT
                                    Etag: 0x8D95AC3644BF561
                                    Last-Modified: Sun, 08 Aug 2021 23:22:29 GMT
                                    Server: ECAcc (lhc/7970)
                                    X-Cache: HIT
                                    X-Content-Type-Options: nosniff
                                    x-ms-blob-type: BlockBlob
                                    x-ms-lease-status: unlocked
                                    x-ms-request-id: a780244c-401e-002b-05cd-f9fa78000000
                                    x-ms-version: 2009-09-19
                                    Content-Length: 141233
                                    Connection: close
                                    2024-08-29 04:42:38 UTC16383INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff db 00 43 00 0a 07 07 08 07 06 0a 08 08 08 0b 0a 0a 0b 0e 18 10 0e 0d 0d 0e 1d 15 16 11 18 23 1f 25 24 22 1f 22 21 26 2b 37 2f 26 29 34 29 21 22 30 41 31 34 39 3b 3e 3e 3e 25 2e 44 49 43 3c 48 37 3d 3e 3b ff db 00 43 01 0a 0b 0b 0e 0d 0e 1c 10 10 1c 3b 28 22 28 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b 3b ff c2 00 11 08 02 a6 03 f9 03 01 22 00 02 11 01 03 11 01 ff c4 00 1b 00 00 01 05 01 01 00 00 00 00 00 00 00 00 00 00 00 04 00 01 02 03 05 06 07 ff c4 00 18 01 01 01 01 01 01 00 00 00 00 00 00 00 00 00 00 00 01 00 02 03 04 ff da 00 0c 03 01 00 02 10 03 10 00 00 01 bd 8c af db e3 15 88 a7 7c
                                    Data Ascii: JFIFHHC#%$""!&+7/&)4)!"0A149;>>>%.DIC<H7=>;C;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"|
                                    2024-08-29 04:42:38 UTC16383INData Raw: b7 4f 8a b3 09 94 05 b4 f2 b1 45 ce 2c a9 0a 59 46 97 a2 84 6a e7 64 39 0e 09 b2 e7 b1 ed e7 5d 4f a8 e4 58 1e c5 eb 1b 77 c6 c7 ad f1 aa a4 3e 4b 61 d6 d3 2a 91 8f 65 16 f9 b2 ee bc 6a 72 aa 6c 53 75 5d 98 ed b1 62 7e 7c 9c 74 44 b7 55 35 8f 75 8d d9 f8 f1 e8 a3 a2 9c 6b b4 b6 0e d6 08 54 d2 16 db d4 f4 2d f5 a8 a9 c0 5a 9f 61 d7 94 73 b3 91 f1 9b 41 f5 10 ca c3 26 9e 74 db 86 d3 8d e8 70 7b 54 e8 4a 2f f0 b6 6e 5b 67 48 cb b1 9d 52 a3 55 96 d8 dd 14 f1 64 ca a6 b0 4f e0 cb 7c 8f 2c c6 57 95 c1 4b 83 4b 20 5b f1 ed e3 5a 15 45 b7 3d 78 61 f8 aa fa 39 e6 7b 0b 9a 50 78 e3 5b 2b ad 04 eb 41 2b 40 17 29 d5 32 6d b5 bb b1 c0 ba 6c 63 bd 34 d3 7e 35 16 58 5d 74 c8 fa 57 d1 b3 07 05 34 af e3 2b 2b 35 91 ab c9 2a d8 37 f6 d9 6f e2 29 79 a3 22 cd 64 13 4d b4 85
                                    Data Ascii: OE,YFjd9]OXw>Ka*ejrlSu]b~|tDU5ukT-ZasA&tp{TJ/n[gHRUdO|,WKK [ZE=xa9{Px[+A+@)2mlc4~5X]tW4++5*7o)y"dM
                                    2024-08-29 04:42:38 UTC16383INData Raw: cb 2c 51 7c 9a 5a 65 61 51 ea 7b 86 25 1d 42 1f 30 8e 8b 86 26 b0 ea 1a 2a 19 47 02 38 97 d8 9d cd 8c be 0a c3 a3 d9 63 13 e2 c6 9b 3b 28 ab 29 45 0b 89 63 e3 ca dd 16 21 b8 f5 35 0a 7d 95 1b b9 2c f5 c1 a5 09 0c ba 2f 14 aa 28 62 8a 86 23 52 b3 f4 32 f9 9f 63 47 25 8a 5a 8a 3d 16 5f 02 47 05 c7 50 a1 e3 ee 69 94 22 c4 d9 62 86 93 34 95 63 e0 5c 8d 50 97 89 e0 a3 47 65 09 73 9a 2c a3 50 a1 96 23 83 d9 47 a2 e2 cb c1 f4 26 38 62 51 73 42 e0 a1 56 5e a6 a2 c6 a1 0a 3d 42 e4 70 94 24 ee 2f 35 67 22 36 95 9d 66 e1 0d 88 b2 c6 59 c0 e2 c6 5e 1e e2 b1 71 42 28 5f b8 43 85 1c 61 65 cd 0e 6e 2c f6 38 51 62 e1 14 69 43 84 e5 45 cd 33 88 6b 04 26 cb 97 85 e5 65 c2 95 2b 05 82 fd cb e1 89 d9 48 43 94 bc 54 76 50 e3 a8 ea 1a b1 74 3e 4a 43 3d 45 64 cf 63 ca aa 54 50
                                    Data Ascii: ,Q|ZeaQ{%B0&*G8c;()Ec!5},/(b#R2cG%Z=_GPi"b4c\PGes,P#G&8bQsBV^=Bp$/5g"6fY^qB(_Caen,8QbiCE3k&e+HCTvPt>JC=EdcTP
                                    2024-08-29 04:42:38 UTC16383INData Raw: 12 07 0a 99 bf 48 6f b8 5c 20 e7 15 ed 5a 6c fd d9 0a 59 65 7e a5 fb 26 86 e5 4b a2 50 a7 1b ab f6 af 78 3e 14 66 15 86 10 da 54 2b 15 75 c8 e9 9c ab 64 7e 0f 8e 94 84 e2 72 ed d3 aa 1d a0 4c f4 15 05 50 62 f6 21 3f 60 9c 3a 5e ea cc 10 a5 c4 34 a9 38 e5 48 28 fe d5 a8 22 20 f6 a7 87 48 52 1f da b2 8c 94 f7 1d 4a 5a 7c a2 09 16 bd 8a 2e bd fc 28 bc ae 15 55 4a 0e 74 5d 57 a4 21 e0 cc 72 a3 83 74 27 74 7f 85 01 b6 45 a5 b9 56 b8 40 1e 84 55 70 b8 f8 5d a2 07 25 16 cc aa 80 ca 84 5e 76 0a 5d ee 7d dc 83 f4 ec 26 e8 f1 d5 d1 b1 42 b3 47 01 01 7b 74 b2 f5 98 6c 72 16 a1 de 55 f1 f8 1d e5 11 2a 17 82 aa d9 1e a2 51 3f b6 e8 c7 28 78 47 69 dc af 53 4f b7 e1 38 6a 72 99 05 04 48 3d ae 43 4f 72 8c fc 2e e2 af 78 de 32 80 69 b7 e1 85 ea 01 f2 a1 52 a0 cc f2 8b eb
                                    Data Ascii: Ho\ ZlYe~&KPx>fT+ud~rLPb!?`:^48H(" HRJZ|.(UJt]W!rt'tEV@Up]%^v]}&BG{tlrU*Q?(xGiSO8jrH=COr.x2iR
                                    2024-08-29 04:42:38 UTC16383INData Raw: 46 a6 84 0d ce 49 42 98 62 0b b1 4d bc 65 0a f6 d2 ba 85 03 9d b5 22 f5 0d 68 45 8a 0f b1 8a c5 d8 19 67 58 c1 bb 7b 94 94 7f 80 3f 10 45 2d 81 ee 34 a1 65 ae 55 69 e2 6f e9 0b 5e d1 93 a8 87 ae 3b 97 67 97 ef 19 d4 5d a3 e5 0a 83 88 e0 b5 e4 85 ec 3b 37 01 f8 92 f3 08 65 63 f3 91 64 ad 06 c9 f8 45 12 bb fa 43 0b 5a 9f eb 51 2b 72 ac ac 80 17 86 4f 33 30 a6 2c cb 4e c8 70 a1 2b 12 82 af 48 d6 1d ea e5 91 56 45 b5 2f e3 90 0c 1f 0c 15 0b 27 33 51 ae 10 fd 1a 96 6d d4 64 88 57 8b 3a 9e 2d 88 6e 93 14 ed b8 45 95 a3 0d 1a 62 85 0b d7 7e 20 6c cc 2c 15 c2 1c 01 2d a9 f7 c6 72 06 8e 0b 04 9d 82 0c 5b 1b b0 f3 2c 1a 5a 62 63 30 5e 49 b8 a0 d3 dc b6 0a 0c c7 11 fe 0d 18 62 06 ae 2a d3 a6 60 6a ad a1 ac cb 47 8c 77 3f e0 4c 5a 57 4a a9 be 8b b6 e3 55 6a 56 1c 82
                                    Data Ascii: FIBbMe"hEgX{?E-4eUio^;g];7ecdECZQ+rO30,Np+HVE/'3QmdW:-nEb~ l,-r[,Zbc0^Ib*`jGw?LZWJUjV
                                    2024-08-29 04:42:38 UTC5INData Raw: e4 2f d0 69 a9
                                    Data Ascii: /i
                                    2024-08-29 04:42:38 UTC16383INData Raw: 00 fc 69 16 a2 1a fa 17 da 3b 8b b0 20 4e 80 ad 8a 4c 26 cc c1 a7 38 b7 3a 26 ab 0b 56 4e 0c 30 f2 eb 8e 38 e3 8a 08 20 82 42 4f 6d 30 2c b2 cb 2f 1a c9 48 e3 c7 51 5b 74 16 9d 5c 51 bb 8a c9 3c c1 3b c0 fa 47 02 5d d6 58 0f 7c 42 b7 58 66 04 f2 f3 df 7f ef 7c a0 83 1c f3 df e8 00 02 60 00 49 00 1f 85 fd ea 8e 88 1f 22 a6 d3 c7 d2 fe 62 9c 7e 2b 65 0b 27 4a dc ee b8 0b b4 28 6f fe 3b c1 9b ca d0 08 43 0d 31 c3 0e 20 08 20 82 08 20 81 17 cf 37 bb c9 96 e2 45 2e cc 7a f5 10 5b 35 28 63 e9 90 27 f7 b5 c6 a4 4c c6 20 24 21 b6 0b 7c d4 3d c9 3a 34 10 00 04 11 4d b4 10 40 00 08 0f d2 51 1b e2 7c 99 a9 73 9a c9 5d 8f e4 48 72 16 54 04 7e 22 2c 0c a9 da 57 dd 20 39 1d ae 0b 00 53 df bf 5a df 4d be cb 2c b2 cb e3 8e 09 21 2d 29 35 e6 fc ec f4 e5 7a 35 a1 3e 17 d1
                                    Data Ascii: i; NL&8:&VN08 BOm0,/HQ[t\Q<;G]X|BXf|`I"b~+e'J(o;C1 7E.z[5(c'L $!|=:4M@Q|s]HrT~",W 9SZM,!-)5z5>
                                    2024-08-29 04:42:38 UTC16383INData Raw: 9c d4 c2 5d aa 84 1d 5f 30 13 da 35 4a c5 58 7e f1 44 5c 6d 2f 47 37 e2 ea 65 55 e0 53 c1 99 98 30 40 0e 0b af f5 ce e8 e9 7a 05 5f 1b 8c c0 f0 50 40 39 6e 59 74 14 03 40 ca 4f 9f a8 68 0c 34 50 7c c3 86 93 23 4f 23 1a c9 1b f0 06 01 56 70 bb cf c4 52 ee 81 b7 00 96 5e 5c 56 08 15 57 61 ac ec 8e 2b 57 09 2d 22 81 80 ee f7 9f 70 08 42 d8 42 01 cb fd 4b a0 d4 98 fe 0a eb 24 43 02 12 5c 76 cf 2c cb 0d 14 02 52 1e 49 f5 17 1c 05 50 53 af 70 75 4a 50 39 50 2b f7 96 15 2d 9a dd b4 d7 8b cc 07 13 02 36 98 69 f3 09 80 04 ca a2 ca ee 33 21 d9 4d 0a d3 54 73 88 50 40 36 1a 56 3c 4b 84 55 7a b5 62 dd 91 a4 79 18 09 2b 1d 17 7a 8b 9f ad a1 8a 51 6a dd 7d ca 84 24 d2 5b 48 d3 c4 c9 25 44 ec a0 ac 31 c6 a2 fb 7a b9 78 a4 35 5f b4 aa b6 55 88 4a a1 6b 75 fc c6 e7 00 92
                                    Data Ascii: ]_05JX~D\m/G7eUS0@z_P@9nYt@Oh4P|#O#VpR^\VWa+W-"pBBK$C\v,RIPSpuJP9P+-6i3!MTsP@6V<KUzby+zQj}$[H%D1zx5_UJku
                                    2024-08-29 04:42:38 UTC16383INData Raw: 81 52 fa fa 69 f8 5c 01 88 1c 96 cb 5e 0b 7e 23 36 f8 2c cb d9 5d b1 01 56 17 58 37 fb 03 ca e6 31 00 87 60 17 d3 2b 8c 86 70 a2 23 5d f1 f2 c6 0e 87 46 e8 28 bf 4f d1 3b 13 1b ca 36 06 00 e0 84 56 92 d8 db 9f 3e e1 ca d5 a5 05 d3 5d e5 8f 92 98 9a 18 2c e6 ed f8 8f 33 eb 09 bd 71 6e 2e 31 a4 1b 17 59 ce d9 ca c4 6a 55 f9 9b 23 b8 6d 64 5e 92 be 60 c5 ce 53 76 11 af cd 4a 2d f6 2c 78 b2 91 e2 1d 98 e2 08 bb c9 72 d8 f6 05 61 f0 ec ee 27 c0 0c 4d 82 de e8 20 2d 88 c9 36 f9 86 fa 74 1a 95 c6 de 7d 5f 4c 2c 35 9b d2 f2 f7 08 40 c2 ea f1 74 f8 80 ad 91 53 07 2b 7e a0 f5 14 a0 26 a5 fc 45 32 22 ad 56 1c 07 b6 9f 8f 31 6c dd 52 02 4c 5d ee 56 c1 57 00 c6 b2 7d 4b 0b c1 ac 15 81 c6 38 cf b9 5a 16 24 98 aa d3 f1 1b e9 90 73 67 76 6e af f6 82 74 79 b6 8d df 4e c5
                                    Data Ascii: Ri\^~#6,]VX71`+p#]F(O;6V>],3qn.1YjU#md^`SvJ-,xra'M -6t}_L,5@tS+~&E2"V1lRL]VW}K8Z$sgvntyN
                                    2024-08-29 04:42:38 UTC10164INData Raw: 01 f1 50 46 05 86 bf 35 2e 5d 54 55 c0 c4 a2 4e 01 5e ef a8 c6 c2 95 51 f6 20 52 86 7e bf f6 6e 03 17 01 bc 6f c1 0a ca 49 a6 1a c9 4c cb e1 2a d2 db 17 ae 2c 13 1e c8 af 60 af 35 a6 af dc 53 80 b7 24 6a b7 bb 87 10 1f 28 d0 5a 9c 1f 33 c0 94 82 01 2b 05 67 f6 e6 33 d7 6a 5d 25 e9 f8 83 63 05 8d b8 f3 2e 85 ed 76 ea 61 9a 6e af 8f 11 3f 6a 16 48 a6 0c 6d f3 1d a1 a3 65 e0 85 2a 69 55 07 29 07 31 de a6 83 39 92 ea 89 77 13 aa 5a a0 b2 a7 2f 22 ba ab 88 35 91 82 6b 39 f7 dc 6a ea d8 80 c7 6c 42 35 ed d7 67 f6 ca 7f 82 9b 2b 7e d7 b9 ab 23 a6 96 21 d8 8a 86 30 40 e0 e9 4f b9 68 1c b8 bc ca 44 ba f7 f5 0d 23 02 f7 2a 2e 3d 50 16 9e 65 34 9a 07 01 bc 7d 3f 32 9b 09 6a a8 7b 7f c1 99 49 4e 51 9c c0 0d 7c 54 00 65 e2 15 be a0 8a a4 9a 27 cd 15 ba 94 c9 92 c6 cf
                                    Data Ascii: PF5.]TUN^Q R~noIL*,`5S$j(Z3+g3j]%c.van?jHme*iU)19wZ/"5k9jlB5g+~#!0@OhD#*.=Pe4}?2j{INQ|Te'


                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                    32192.168.2.44978613.107.246.604434412C:\Program Files\Google\Chrome\Application\chrome.exe
                                    TimestampBytes transferredDirectionData
                                    2024-08-29 04:42:38 UTC439OUTGET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js HTTP/1.1
                                    Host: aadcdn.msauth.net
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                    Accept: */*
                                    Sec-Fetch-Site: none
                                    Sec-Fetch-Mode: cors
                                    Sec-Fetch-Dest: empty
                                    Accept-Encoding: gzip, deflate, br
                                    Accept-Language: en-US,en;q=0.9
                                    2024-08-29 04:42:38 UTC797INHTTP/1.1 200 OK
                                    Date: Thu, 29 Aug 2024 04:42:38 GMT
                                    Content-Type: application/x-javascript
                                    Content-Length: 35167
                                    Connection: close
                                    Cache-Control: public, max-age=31536000
                                    Content-Encoding: gzip
                                    Last-Modified: Thu, 20 Jun 2024 02:13:45 GMT
                                    ETag: 0x8DC90CE9CFCD37E
                                    x-ms-request-id: de79a0e0-201e-0021-7437-f9e72d000000
                                    x-ms-version: 2009-09-19
                                    x-ms-lease-status: unlocked
                                    x-ms-blob-type: BlockBlob
                                    Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                    Access-Control-Allow-Origin: *
                                    x-azure-ref: 20240829T044238Z-16579567576ztstdfgdnkw0mpw00000001fg00000000gf4b
                                    x-fd-int-roxy-purgeid: 4554691
                                    X-Cache: TCP_HIT
                                    Accept-Ranges: bytes
                                    2024-08-29 04:42:38 UTC15587INData Raw: 1f 8b 08 00 00 00 00 00 04 00 c4 bd 6b 43 db 48 b2 30 fc fd f9 15 e0 9d 65 ac b5 00 df 30 18 70 58 06 92 49 76 33 93 9c 5c 66 cf 2e 30 59 59 96 6d 0d b2 65 24 99 4b 02 cf 6f 7f eb d2 97 6a c9 90 cc 9c 67 df 33 e7 6c 70 57 df aa ab ab ab ab aa ab 5b db 7f 59 ff 3f 6b 7f 59 db fc f6 ff d6 de 7f 38 7e f7 61 ed cd 8b b5 0f 2f 5f bd 3b 5d 7b 0b a9 7f ae fd fc e6 c3 ab 93 e7 df de 0e 76 8a ff fb 30 8d f3 b5 71 9c 44 6b f0 77 18 e4 d1 68 2d 9d af a5 d9 5a 3c 0f d3 6c 91 66 41 11 e5 6b 33 f8 37 8b 83 64 6d 9c a5 b3 b5 62 1a ad 2d b2 f4 b7 28 2c f2 b5 24 ce 0b a8 34 8c 92 f4 66 ad 0e cd 65 a3 b5 b7 41 56 dc ad bd 7a eb 6d 41 fb 11 b4 16 4f e2 39 d4 0e d3 c5 1d fc 9e 16 6b f3 b4 88 c3 68 2d 98 8f a8 b5 04 12 f3 3c 5a 5b ce 47 51 b6 76 33 8d c3 e9 da 4f 71 98 a5 79
                                    Data Ascii: kCH0e0pXIv3\f.0YYme$Kojg3lpW[Y?kY8~a/_;]{v0qDkwh-Z<lfAk37dmb-(,$4feAVzmAO9kh-<Z[GQv3Oqy
                                    2024-08-29 04:42:38 UTC16384INData Raw: 62 3f 6c d2 9f 17 f8 6f fb 98 12 6d ca e9 35 29 c1 8f fd f5 7a 9c 80 62 2f 9e bf c0 7f 5f bc e8 6f d2 9f 1f 2e ee cf 97 a7 60 28 9c c1 9f 93 1f 4e f1 df 93 53 06 b6 5f 10 f0 18 9b 82 3f 1d 86 76 a8 e8 e9 6e 67 93 fe 1c 13 f4 87 6e 93 ca 36 5b f8 6f 9b 6b ec be b8 d8 a6 51 b7 be 46 54 9a 87 d7 f1 fc f2 75 30 8c 12 a6 23 6e 83 36 e3 34 ca 8b 78 4e 8f 36 70 76 c7 c9 fe 10 17 49 c4 19 5d a6 74 fb f7 1b 06 d6 3f 68 0c 77 dc a3 42 52 c6 f3 9f 82 5b 50 f6 e8 27 89 62 fa 35 40 0b 7d 3e 68 1d 50 ea 30 3c 20 36 ec 77 40 f6 83 82 01 ec 9d 85 52 ae 52 29 dc ca d0 7b b8 b9 39 f7 be e0 f6 ae 24 18 54 8c b9 7d 60 f1 d9 08 64 02 be 87 b0 95 5f c6 8b 0f e9 65 84 cb cd ef e3 6e 97 7a 54 74 c0 85 37 5b de bc d1 30 9e af cc b0 3c e1 b7 f4 37 5b 0f da 8b 01 cb 29 e0 4a e8 cc
                                    Data Ascii: b?lom5)zb/_o.`(NS_?vngn6[okQFTu0#n64xN6pvI]t?hwBR[P'b5@}>hP0< 6w@RR){9$T}`d_enzTt7[0<7[)J
                                    2024-08-29 04:42:38 UTC3196INData Raw: 1a c5 36 65 24 65 6c 49 0f fb f5 ae 8b 39 af bd 9d 61 77 65 05 ed d7 d3 02 8f 2a 24 e3 8c 33 d4 2e a8 2b 10 7f 09 1e df 70 01 67 5d 99 df 6e 0c fb 5e e1 91 97 41 8b 0c a8 c9 fe 8d cc 73 b7 53 8e e9 3a 34 77 9e 45 2b ef ec 74 19 f0 8d b3 7c 3e 09 f6 86 8c 6d f3 96 3d 09 ef 1d 6d 76 3c 76 22 86 62 6a d5 37 94 37 b1 1e 4d a8 9b 88 ca 1e 85 6f f4 5e e4 95 d5 e6 da 28 20 28 55 1f c5 39 1a 50 e3 2f d5 e6 b5 5e 6b 54 aa 15 a6 83 10 c2 eb d5 56 83 85 d7 6b c5 62 03 c3 e9 65 f8 5c 67 bf 17 78 27 80 5f d5 48 08 cb 5c a4 8c 4d f4 97 48 27 af 88 28 55 29 a6 52 0a 92 96 ca 0d 0a 2a d5 5a 2a 1a 18 32 bb a5 12 da f3 28 a9 ec 5f 4c 35 06 59 7d a3 e2 c4 db 35 55 20 1b 79 a9 46 cd 75 2e 7b 9d e6 2f e7 66 d0 3b 69 f7 2b d8 ee c7 57 e2 4d a1 62 a3 30 9d 66 26 e7 92 45 90 69
                                    Data Ascii: 6e$elI9awe*$3.+pg]n^AsS:4wE+t|>m=mv<v"bj77Mo^( (U9P/^kTVkbe\gx'_H\MH'(U)R*Z*2(_L5Y}5U yFu.{/f;i+WMb0f&Ei


                                    Statistics

                                    CPU Usage

                                    Click to jump to process

                                    Memory Usage

                                    Click to jump to process

                                    Behavior

                                    Click to jump to process

                                    System Behavior

                                    General

                                    Target ID:0
                                    Start time:00:42:16
                                    Start date:29/08/2024
                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    Wow64 process (32bit):false
                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                    Imagebase:0x7ff76e190000
                                    File size:3'242'272 bytes
                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Reputation:low
                                    Has exited:false

                                    General

                                    Target ID:2
                                    Start time:00:42:18
                                    Start date:29/08/2024
                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    Wow64 process (32bit):false
                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2208,i,972951138316772105,17389294996650650195,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                    Imagebase:0x7ff7699e0000
                                    File size:3'242'272 bytes
                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Reputation:low
                                    Has exited:false

                                    General

                                    Target ID:3
                                    Start time:00:42:20
                                    Start date:29/08/2024
                                    Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                    Wow64 process (32bit):false
                                    Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://australianfoodandfibre.servicedeskplus.net.au/app/itdesk/ui/requests/867000003351579/details"
                                    Imagebase:0x7ff76e190000
                                    File size:3'242'272 bytes
                                    MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                    Has elevated privileges:true
                                    Has administrator privileges:true
                                    Programmed in:C, C++ or other language
                                    Reputation:low
                                    Has exited:true

                                    Disassembly

                                    No disassembly