Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

Overview

General Information

Sample URL:	https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9
Analysis ID:	1525198
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Submit button contains javascript call

Classification

×

Process Tree

System is w10x64_ra

chrome.exe (PID: 6956 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6184 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1848,i,10871524256218852607,2313697725685453947,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 4720 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Malware Configuration

⊘No configs have been found

Yara Signatures

⊘No yara matches

Sigma Signatures

⊘No Sigma rule has matched

Suricata Signatures

⊘No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

HTTP Parser: Number of links: 0

Source: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

HTTP Parser: Title: Sharing Link Validation does not match URL

Source: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

HTTP Parser: On click: javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("btnSubmitEmail", "", true, "", "", false, true))

Source: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

HTTP Parser: No <meta name="author".. found

Source: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49736 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200
Source: unknown	TCP traffic detected without corresponding DNS query: 172.202.163.200

Source: global traffic	HTTP traffic detected: GET /:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=kE_MFfymnDk6lA1RMVqxGaRaQoEINe2xGiBGeBLMXywW-cfkYYdrgWtlEsrsbfXAtLQDkihhYPPGLMnPJSM8Hcuy-VmJFgGViECedzlWJDA1&t=638588829843638381 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=i1-jn0fYCre21w0-eJYxV9dL3mpCUB5YM_qn_70zNb4Ro7pNPGe92v7J8TTVJ5bMoPVLoAtFLg6reT2SteKxyl5t1mOqcKO1Ed0w5Zs5rGE33IykJT8wD71j-uwSfSghFOiIhRFl5fHZa5NePaiJA4qrBPnn6zuujk7s8z061Vo1&t=ffffffffedc3492c HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=316q7TOCatO3Ingg_2toqHYgSztx0kmzxudaxTXeVxsDvdWPW2qKKfmmtTdjs2iKQnJaH-dVFlchcLUOhXPwmHjLnK_GH0ffEcENjUBVh2KHipw8vrRTA_8i3ehkxBzmxOw9znwxubvbpOd-V87wK26zPVBt5BRmiSbeGCtXwiQgyOdha9awNWx5GJc-3fb80&t=7a0cc936 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=8jMBPwzCJimnOVs7u_PCEtqHHK5YJE1izSBKQXgq0N-ynz3hOttN4eeaUAeSykQph47rTDEjerEtYWHA57cT5KHwGGM6fqcp-Pvzmr7Naa7dfKceZbmRXVaBYNLI0Tg7D2K8YRwy_4TpnFsYQecwvZiEp54qCAMHuenwWD_iWiXK7ibFJS1r8r6MQ5RkgjXG0&t=7a0cc936 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=kE_MFfymnDk6lA1RMVqxGaRaQoEINe2xGiBGeBLMXywW-cfkYYdrgWtlEsrsbfXAtLQDkihhYPPGLMnPJSM8Hcuy-VmJFgGViECedzlWJDA1&t=638588829843638381 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/microsoft-logo.png HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=i1-jn0fYCre21w0-eJYxV9dL3mpCUB5YM_qn_70zNb4Ro7pNPGe92v7J8TTVJ5bMoPVLoAtFLg6reT2SteKxyl5t1mOqcKO1Ed0w5Zs5rGE33IykJT8wD71j-uwSfSghFOiIhRFl5fHZa5NePaiJA4qrBPnn6zuujk7s8z061Vo1&t=ffffffffedc3492c HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=8jMBPwzCJimnOVs7u_PCEtqHHK5YJE1izSBKQXgq0N-ynz3hOttN4eeaUAeSykQph47rTDEjerEtYWHA57cT5KHwGGM6fqcp-Pvzmr7Naa7dfKceZbmRXVaBYNLI0Tg7D2K8YRwy_4TpnFsYQecwvZiEp54qCAMHuenwWD_iWiXK7ibFJS1r8r6MQ5RkgjXG0&t=7a0cc936 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=316q7TOCatO3Ingg_2toqHYgSztx0kmzxudaxTXeVxsDvdWPW2qKKfmmtTdjs2iKQnJaH-dVFlchcLUOhXPwmHjLnK_GH0ffEcENjUBVh2KHipw8vrRTA_8i3ehkxBzmxOw9znwxubvbpOd-V87wK26zPVBt5BRmiSbeGCtXwiQgyOdha9awNWx5GJc-3fb80&t=7a0cc936 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1Host: ppsd-my.sharepoint.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VgOf2reZfZYs9Ys&MD=LUZ9T9+t HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VgOf2reZfZYs9Ys&MD=LUZ9T9+t HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com

Source: global traffic	DNS traffic detected: DNS query: ppsd-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: m365cdn.nel.measure.office.net

Source: chromecache_81.1.dr, chromecache_70.1.dr	String found in binary or memory: http://github.com/jrburke/requirejs
Source: chromecache_79.1.dr	String found in binary or memory: https://ppsd-my.sharepoint.com/personal/dpringle_putnampsd_com/_layouts/15/images/pdf.png
Source: chromecache_85.1.dr, chromecache_80.1.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_79.1.dr	String found in binary or memory: https://res-1.cdn.office.net
Source: chromecache_79.1.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.25311.12013/require.js
Source: chromecache_79.1.dr	String found in binary or memory: https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.007/
Source: chromecache_79.1.dr	String found in binary or memory: https://res-2.cdn.office.net/files/odsp-web-prod_2024-09-20.007/
Source: chromecache_79.1.dr	String found in binary or memory: https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.202.163.200:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.16:49736 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@17/36@12/5

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1848,i,10871524256218852607,2313697725685453947,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1848,i,10871524256218852607,2313697725685453947,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk			Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	Windows Management Instrumentation	1 Scripting	1 Process Injection	3 Masquerading	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 Registry Run Keys / Startup Folder	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	2 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

⊘No Antivirus matches

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

⊘No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
https://reactjs.org/docs/error-decoder.html?invariant=	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
dual-spo-0005.spo-msedge.net	13.107.136.10	true	false		unknown
www.google.com	172.217.16.132	true	false		unknown
ppsd-my.sharepoint.com	unknown	unknown	false		unknown
m365cdn.nel.measure.office.net	unknown	unknown	false		unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://ppsd-my.sharepoint.com/_layouts/15/images/microsoft-logo.png	false		unknown
https://ppsd-my.sharepoint.com/WebResource.axd?d=kE_MFfymnDk6lA1RMVqxGaRaQoEINe2xGiBGeBLMXywW-cfkYYdrgWtlEsrsbfXAtLQDkihhYPPGLMnPJSM8Hcuy-VmJFgGViECedzlWJDA1&t=638588829843638381	false		unknown
https://ppsd-my.sharepoint.com/ScriptResource.axd?d=i1-jn0fYCre21w0-eJYxV9dL3mpCUB5YM_qn_70zNb4Ro7pNPGe92v7J8TTVJ5bMoPVLoAtFLg6reT2SteKxyl5t1mOqcKO1Ed0w5Zs5rGE33IykJT8wD71j-uwSfSghFOiIhRFl5fHZa5NePaiJA4qrBPnn6zuujk7s8z061Vo1&t=ffffffffedc3492c	false		unknown
https://ppsd-my.sharepoint.com/ScriptResource.axd?d=8jMBPwzCJimnOVs7u_PCEtqHHK5YJE1izSBKQXgq0N-ynz3hOttN4eeaUAeSykQph47rTDEjerEtYWHA57cT5KHwGGM6fqcp-Pvzmr7Naa7dfKceZbmRXVaBYNLI0Tg7D2K8YRwy_4TpnFsYQecwvZiEp54qCAMHuenwWD_iWiXK7ibFJS1r8r6MQ5RkgjXG0&t=7a0cc936	false		unknown
https://ppsd-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://github.com/jrburke/requirejs	chromecache_81.1.dr, chromecache_70.1.dr	false		unknown
https://ppsd-my.sharepoint.com/personal/dpringle_putnampsd_com/_layouts/15/images/pdf.png	chromecache_79.1.dr	false		unknown
https://spoprod-a.akamaihd.net/files/odsp-common-library-prod_2019-02-15_20190219.002/require.js	chromecache_79.1.dr	false		unknown
https://reactjs.org/docs/error-decoder.html?invariant=	chromecache_85.1.dr, chromecache_80.1.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	Flag	ASN	ASN Name	Malicious
13.107.136.10	dual-spo-0005.spo-msedge.net	United States		8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.186.36	unknown	United States		15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved		unknown	unknown	false
172.217.16.132	www.google.com	United States		15169	GOOGLEUS	false

Private

IP
192.168.2.16

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1525198
Start date and time:	2024-10-03 20:57:41 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 3m 20s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Sample URL:	https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	13
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean2.win@17/36@12/5

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 199.232.210.172, 172.217.18.3, 142.250.185.206, 74.125.133.84, 34.104.35.123, 2.23.209.46, 2.23.209.33, 2.23.209.38, 2.23.209.32, 2.23.209.24, 2.23.209.42, 2.23.209.37, 2.23.209.11, 142.250.185.170, 142.250.186.170, 142.250.186.42, 172.217.16.138, 142.250.185.74, 142.250.185.138, 142.250.184.202, 172.217.18.10, 142.250.185.202, 142.250.185.106, 142.250.186.106, 142.250.184.234, 142.250.181.234, 216.58.212.170, 142.250.185.234, 216.58.206.42, 2.19.126.146, 2.19.126.143, 142.250.184.206, 216.58.206.78, 216.58.206.35, 2.16.168.7, 2.16.168.12, 2.19.126.163
Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, e40491.dscd.akamaiedge.net, ctldl.windowsupdate.com, clientservices.googleapis.com, res-1.cdn.office.net, 193267-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net, a1894.dscb.akamai.net, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, nel.measure.office.net.edgesuite.net, redirector.gvt1.com, update.googleapis.com, clients.l.google.com, res-1.cdn.office.net-c.edgekey.net, res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net
Not all processes where analyzed, report is missing behavior information
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9

Simulations

Behavior and APIs

⊘No simulations

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Created / dropped Files

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:58:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2673
Entropy (8bit):	3.979879513549409
Encrypted:	false
SSDEEP:	48:86d3TvDsHpidAKZdA1FehwiZUklqehgy+3:8KnO3y
MD5:	28073AF863812667D72BA424111658EB
SHA1:	40F7341B48ED5B247A7E57A2DEF8B38B9472C71A
SHA-256:	76138F60AA221EB03BD6DC63C5BF3986A2F7E37496FD56CAF937AF73D8299DDB
SHA-512:	84BC6F1A0B6D1957846BE8D269F3F3C53E28414BDE9EF31D0D4B00344F6C40C4747C2E3C42DB18DF479826D81F6E58764868BD83D2B8EF1F6A2B27B2A7D15358
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....G.1....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ICY;.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCYE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCYE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCYE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VCYF............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............ .=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:58:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	4.00019369400102
Encrypted:	false
SSDEEP:	48:85d3TvDsHpidAKZdA1seh/iZUkAQkqehny+2:8Tno9QKy
MD5:	B5135F9069BDEEFE5B7A9EDD65E30D5E
SHA1:	22BBA2E734B729161FA6F215BE8F1071075EC482
SHA-256:	D829D7E8E967278A393262F843E5BA5107DA9CE8065B8161BCE909B8800884EA
SHA-512:	7F4BCAC258A54BA69B38F736C903A488EE44FF59069C8500A515B039E09913D5919F1E72511316DEB9DE146C766C8BF4FAFC7125D772057B7DAD1D2295F94A4D
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......1....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ICY;.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCYE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCYE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCYE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VCYF............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............ .=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2689
Entropy (8bit):	4.00630044655218
Encrypted:	false
SSDEEP:	48:8Wd3TvDAHpidAKZdA14meh7sFiZUkmgqeh7sBy+BX:82nInzy
MD5:	461450FE544C8E3425A4759F5B012544
SHA1:	BEFE7A52B57D5C1B558FB937E6EE9169F72A26FF
SHA-256:	AB53BADD4263CF379ACAD709F3250ADADBC0F0A72AB51517B9CDF75A14E80F8F
SHA-512:	F95EE6718B22FF5588A32CE5756A128A534FA0FFF7BB5476884061EA8AD4BF3EB1B94DFE1EFFA62C2F9C18CEC55D40F2676FBB568DCCFC8E45D76E531B34B7CC
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ICY;.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCYE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCYE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCYE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............ .=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:58:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.99400359217999
Encrypted:	false
SSDEEP:	48:8Bd3TvDsHpidAKZdA1TehDiZUkwqehby+R:87nDpy
MD5:	85DCF60FEED6C6350005DB3631A8C480
SHA1:	163C863DCC5E30ADFC07E57D834DC02143CB4590
SHA-256:	28A06DF64003715AB0143350A2CBFBF774D3F5B1229D70D05960FA23A3934474
SHA-512:	801948259A5FC43DD89272BE7CAB0A0654E52FBBD46776EF88F537E84282B562FFEB6674372E35166CB22A613F1BD8DEEB0D1CD83AFB67C567B269AB820CD670
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....zh.1....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ICY;.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCYE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCYE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCYE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VCYF............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............ .=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:58:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2677
Entropy (8bit):	3.9851831357964405
Encrypted:	false
SSDEEP:	48:88d3TvDsHpidAKZdA1dehBiZUk1W1qehty+C:8Unz9Ny
MD5:	2C3EB08AE96036B4C782F0FF17F8713F
SHA1:	F0D9E911414FF51DA3861A2C8D5CE73C2D4758B6
SHA-256:	9E310D4C732360518EC207940F24B22A7F9EE5098D975E411325CFBED996C5F9
SHA-512:	4CF1A97814DAF4FBD788DE062BFB5D3DC59973AE26281A11CECAB62A915CFD230BA9DB161A73CE515EC9118028D292C1F754D35393D9C6B88DA10A14B9899D37
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,.......1....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ICY;.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCYE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCYE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCYE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VCYF............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............ .=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 3 17:58:11 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2679
Entropy (8bit):	3.9927399160098376
Encrypted:	false
SSDEEP:	48:8hd3TvDsHpidAKZdA1duTeehOuTbbiZUk5OjqehOuTbzy+yT+:8bnXTfTbxWOvTbzy7T
MD5:	335D1420737DDCEB8FBDA7B7909A027D
SHA1:	35FFA55EBC4D74C3439ACDB146DDFA40D798D213
SHA-256:	39A1A973CAFF6303DB90DF0732854C11B6AB5F79294DF9B2F59DB9E038425E51
SHA-512:	BBB2F3B00B00A4219E5824D32B072B6F32935B6560F18F0BFDFDC05A6CF93FAF406B69BF36A4A02EA0F5420E2AD06A02D1754AEF748EE4AE0275A7857200121A
Malicious:	false
Reputation:	low
Preview:	L..................F.@.. ...$+.,....'+.1....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.ICY;.....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCYE.....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCYE.....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCYE............................"&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VCYF............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............ .=.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

Chrome Cache Entry: 70

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	dropped
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:	384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	low
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 71

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	dropped
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 72

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	dropped
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:	384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	low
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 73

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	XML 1.0 document, Unicode text, UTF-8 (with BOM) text
Category:	downloaded
Size (bytes):	215
Entropy (8bit):	5.288150913029516
Encrypted:	false
SSDEEP:	6:JiMVBdgqZjZWtMfgRTH1Av9/IUIIJDXQRIMSlrug6n:MMHdVBZWyUTq0INXh6
MD5:	6C6AD5780CE2219B59526ABBAC3CCD80
SHA1:	7570FAC39E84F2409D43EA81E8EA1A5DE64D3B7F
SHA-256:	8D7049B61AA93BAEE7D76BC54A0507E73D10E3DE116AFE63C169CEE2A09A6EFD
SHA-512:	9BDF057415A3D46EA736D35F6343DB8279B53E71777A0A660D9C26E377C7283AEEE0C033CD3F469C00619A912CB1A3680A676BAA2B31445859C5D8DD1EFE950F
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.007/@uifabric/file-type-icons/lib/initializeFileTypeIcons.js
Preview:	.<?xml version="1.0" encoding="utf-8"?><Error><Code>BlobNotFound</Code><Message>The specified blob does not exist..RequestId:ec6ef1af-e01e-0011-1ec6-15f2b4000000.Time:2024-10-03T18:58:14.7772553Z</Message></Error>

Chrome Cache Entry: 74

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel
Category:	downloaded
Size (bytes):	7886
Entropy (8bit):	3.9482833105763633
Encrypted:	false
SSDEEP:	48:gubb4a2MNTgopLqyhFTv07EVc91JbV5FIXH0wp53O:Bbb4a5NTX1c9L6E
MD5:	0B60F3C9E4DA6E807E808DA7360F24F2
SHA1:	9AFC7ABB910DE855EFB426206E547574A1E074B7
SHA-256:	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
SHA-512:	1328363987ABBAD1B927FC95F0A3D5646184EF69D66B42F32D1185EE06603AE1A574FAC64472FB6E349C2CE99F9B54407BA72B2908CA7AB01D023EC2F47E7E80
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/_layouts/15/images/favicon.ico?rev=47
Preview:	...... .... .....6......... ............... .h...f...(... ...@..... ...........................................................................70..7...7...7...7...7...7...70..............................................................................................7`..7...7...7...7...7...7...7...7...7`......................................................................................7P..7...7...7...7...7...7...7...7...7...7...7P..............................................................................7...7...7...7...7...7...7...7...7...7...7...7...7...7...........................................................................7`..7...7...7...7...7...7...7...7...7...7...7...7...7`..........................................................................,...,...,...,...,...,...,.......7...7...7...7...7...7...........................................................................'...'...'...'...'...'...'...'...2...7...7...7...7...,....................`..........................

Chrome Cache Entry: 75

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (39257), with CRLF line terminators
Category:	downloaded
Size (bytes):	40326
Entropy (8bit):	5.245555585297941
Encrypted:	false
SSDEEP:	384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
MD5:	DA9DC1C32E89C02FC1E9EEB7E5AAB91E
SHA1:	3EFB110EFA6068CE6B586A67F87DA5125310BC30
SHA-256:	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
SHA-512:	D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/ScriptResource.axd?d=8jMBPwzCJimnOVs7u_PCEtqHHK5YJE1izSBKQXgq0N-ynz3hOttN4eeaUAeSykQph47rTDEjerEtYWHA57cT5KHwGGM6fqcp-Pvzmr7Naa7dfKceZbmRXVaBYNLI0Tg7D2K8YRwy_4TpnFsYQecwvZiEp54qCAMHuenwWD_iWiXK7ibFJS1r8r6MQ5RkgjXG0&t=7a0cc936
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun

Chrome Cache Entry: 76

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:	384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	low
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 77

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	dropped
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:	1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	low
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Chrome Cache Entry: 78

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:	384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	low
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Chrome Cache Entry: 79

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	HTML document, ASCII text, with very long lines (30522), with CRLF, LF line terminators
Category:	downloaded
Size (bytes):	69147
Entropy (8bit):	5.669764120391855
Encrypted:	false
SSDEEP:	1536:PlgguXdWhboWXBOxSPSW8N6fGNNK4OKgJs2wVXamH37:PLukCGeTK4XbVXaQ
MD5:	AE229FE7EC4722E10580F185DE91F8CF
SHA1:	72D21FF24F0582CD89E8AAA20F8F4199B1F66B9E
SHA-256:	57007AAA25097D124FF31E6AB92A2F66FA2303231296B86E793C6791EBCA84B7
SHA-512:	F3E54DDEFF6ED4DDE49AF14062E3598DCC55DD0BB99692FAB3CC0540D5B865C58DAB42081C73ECBD75421C55662A161C85A5C36CB8A3162B998883A463DA3B24
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9
Preview:	..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">..<html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr">..<head><meta name="GENERATOR" content="Microsoft SharePoint" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta http-equiv="Expires" content="0" /><meta name="Robots" content="NOHTMLINDEX" /><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" /><meta http-equiv="X-UA-Compatible" content="IE=edge" /><link id="favicon" rel="shortcut icon" href="/_layouts/15/images/favicon.ico?rev=47" type="image/vnd.microsoft.icon" /><title>...Sharing Link Validation..</title>...<style type="text/css" media="screen, print, projection">....html{line-height:1.15;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}body{margin:0}article,aside,footer,header,nav,section{display:block}h1{font-size:2em;margin:.67em 0}figcaption,figure,ma

Chrome Cache Entry: 80

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	dropped
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:	768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	low
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 81

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (17444)
Category:	downloaded
Size (bytes):	17672
Entropy (8bit):	5.233316811547578
Encrypted:	false
SSDEEP:	384:lpLsOooX8uvFBiRh+HnEDuvvy1pqvuvDX/0ohHK9mm+tMHvVOPoQeOMmuI:QnoX8uNB2YHnEDsvy1pqvub/0iq4NMHM
MD5:	6EFDDF589864D2E146A55C01C6764A35
SHA1:	EFA8BBA46CB97877EEC5430C43F0AC32585B6B2F
SHA-256:	2D92F0CE8491D2F9A27EA16D261A15089C4A9BE879D1EEDCB6F4A3859E7F1999
SHA-512:	1AFC735660AAE010C04EF89C732D08EBA1B87BE6048164F273BEAEBECA3F30062812B4CD141DDF0291A6AB54F730875D597678A3564C0EED2AAC11E5400F951A
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/bld/_layouts/15/16.0.25311.12013/require.js
Preview:	/** vim: et:ts=4:sw=4:sts=4. * @license RequireJS 2.1.22 Copyright (c) 2010-2015, The Dojo Foundation All Rights Reserved.. * Available via the MIT or new BSD license.. * see: http://github.com/jrburke/requirejs for details. */.var requirejs,require,define;!function(global){function isFunction(e){return"[object Function]"===ostring.call(e)}function isArray(e){return"[object Array]"===ostring.call(e)}function each(e,t){if(e){var r;for(r=0;r<e.length&&(!e[r]\|\|!t(e[r],r,e));r+=1);}}function eachReverse(e,t){if(e){var r;for(r=e.length-1;r>-1&&(!e[r]\|\|!t(e[r],r,e));r-=1);}}function hasProp(e,t){return hasOwn.call(e,t)}function getOwn(e,t){return hasProp(e,t)&&e[t]}function eachProp(e,t){var r;for(r in e)if(hasProp(e,r)&&t(e[r],r))break}function mixin(e,t,r,i){return t&&eachProp(t,function(t,n){(r\|\|!hasProp(e,n))&&(!i\|\|"object"!=typeof t\|\|!t\|\|isArray(t)\|\|isFunction(t)\|\|t instanceof RegExp?e[n]=t:(e[n]\|\|(e[n]={}),mixin(e[n],t,r,i)))}),e}function bind(e,t){return function(){return t.apply(e,ar

Chrome Cache Entry: 82

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	downloaded
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/_layouts/15/images/microsoft-logo.png
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Chrome Cache Entry: 83

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65329), with CRLF line terminators
Category:	downloaded
Size (bytes):	102801
Entropy (8bit):	5.336080509196147
Encrypted:	false
SSDEEP:	1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
MD5:	C89EAA5B28DF1E17376BE71D71649173
SHA1:	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
SHA-256:	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
SHA-512:	B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/ScriptResource.axd?d=316q7TOCatO3Ingg_2toqHYgSztx0kmzxudaxTXeVxsDvdWPW2qKKfmmtTdjs2iKQnJaH-dVFlchcLUOhXPwmHjLnK_GH0ffEcENjUBVh2KHipw8vrRTA_8i3ehkxBzmxOw9znwxubvbpOd-V87wK26zPVBt5BRmiSbeGCtXwiQgyOdha9awNWx5GJc-3fb80&t=7a0cc936
Preview:	//----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c\|\|typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f

Chrome Cache Entry: 84

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	26951
Entropy (8bit):	4.514992390210281
Encrypted:	false
SSDEEP:	384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
MD5:	B3D7A123BE5203A1A3F0F10233ED373F
SHA1:	F4C61F321D8F79A805B356C6EC94090C0D96215C
SHA-256:	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
SHA-512:	A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/ScriptResource.axd?d=i1-jn0fYCre21w0-eJYxV9dL3mpCUB5YM_qn_70zNb4Ro7pNPGe92v7J8TTVJ5bMoPVLoAtFLg6reT2SteKxyl5t1mOqcKO1Ed0w5Zs5rGE33IykJT8wD71j-uwSfSghFOiIhRFl5fHZa5NePaiJA4qrBPnn6zuujk7s8z061Vo1&t=ffffffffedc3492c
Preview:	var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {

Chrome Cache Entry: 85

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (37521)
Category:	downloaded
Size (bytes):	40512
Entropy (8bit):	5.386921349191213
Encrypted:	false
SSDEEP:	768:Tkv+rkfa2aH5m7UYfXLMQWGjaKEstpgG9ycj:Pr8LaZkzLM46G9
MD5:	8DCE60169BA666CA03A31D123DB49908
SHA1:	956C46BB6058C23D35440DCC656CE61C7B151399
SHA-256:	F9F5A40C01C6D569373CE61EE77849F30E4176E1310652FF17D458C68680CF75
SHA-512:	26BA15ADE0F62393413156C5061B04AA8FCE3A5A5EE06EE35DFC42D3F76AF850980731A38DCF7094711E7FAB18C80EF66C9B354C029D06FA2E846330ACCC7E9E
Malicious:	false
Reputation:	low
URL:	https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.007/spoguestaccesswebpack/spoguestaccess.js
Preview:	/! For license information please see spoguestaccess.js.LICENSE.txt /.document.currentScript,define("@fluentui/react-file-type-icons",[],()=>{var e;return(()=>{"use strict";var t=[e=>{var t=Object.getOwnPropertySymbols,n=Object.prototype.hasOwnProperty,a=Object.prototype.propertyIsEnumerable;function i(e){if(null==e)throw new TypeError("Object.assign cannot be called with null or undefined");return Object(e)}e.exports=function(){try{if(!Object.assign)return!1;var e=new String("abc");if(e[5]="de","5"===Object.getOwnPropertyNames(e)[0])return!1;for(var t={},n=0;n<10;n++)t["_"+String.fromCharCode(n)]=n;if("0123456789"!==Object.getOwnPropertyNames(t).map(function(e){return t[e]}).join(""))return!1;var a={};return"abcdefghijklmnopqrst".split("").forEach(function(e){a[e]=e}),"abcdefghijklmnopqrst"===Object.keys(Object.assign({},a)).join("")}catch(e){return!1}}()?Object.assign:function(e,r){for(var o,s,c=i(e),d=1;d<arguments.length;d++){for(var l in o=Object(arguments[d]))n.call(o,l)&&(c[l]

Chrome Cache Entry: 86

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with CRLF line terminators
Category:	downloaded
Size (bytes):	23063
Entropy (8bit):	4.7535440881548165
Encrypted:	false
SSDEEP:	384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
MD5:	90EA7274F19755002360945D54C2A0D7
SHA1:	647B5D8BF7D119A2C97895363A07A0C6EB8CD284
SHA-256:	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
SHA-512:	7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
Malicious:	false
Reputation:	low
URL:	https://ppsd-my.sharepoint.com/WebResource.axd?d=kE_MFfymnDk6lA1RMVqxGaRaQoEINe2xGiBGeBLMXywW-cfkYYdrgWtlEsrsbfXAtLQDkihhYPPGLMnPJSM8Hcuy-VmJFgGViECedzlWJDA1&t=638588829843638381
Preview:	function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo

Chrome Cache Entry: 87

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.702819531114783
Encrypted:	false
SSDEEP:	3:H6xhkY:aQY
MD5:	858372DD32511CB4DD08E48A93B4F175
SHA1:	CE4555B7B2EFBBD644D8E34CF3453A0E8CAA3C43
SHA-256:	3D18F3E1469C83D62CF3A39BA93F8EAA5B22447FE630E59F39DC1B7747635359
SHA-512:	6A57E0D4A1C23CB693AA9312F6FDAA1FC4309B5BC91D1B2279B5792BEE3534749FD3693C19AA95E0768800472D11D438EC3116F337679A249C28BE0E038E6DE0
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlTliYuJ_YCSBIFDfSCVyI=?alt=proto
Preview:	CgkKBw30glciGgA=

Chrome Cache Entry: 88

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 226 x 48, 8-bit/color RGBA, non-interlaced
Category:	dropped
Size (bytes):	3331
Entropy (8bit):	7.927896166439245
Encrypted:	false
SSDEEP:	96:zHjOKn3csE3x5liVsCo4GcPIZpV6x5cge8oo9:zDOK3zE3x5TCwcP4LQNeq
MD5:	EF884BDEDEF280DF97A4C5604058D8DB
SHA1:	6F04244B51AD2409659E267D308B97E09CE9062B
SHA-256:	825DE044D5AC6442A094FF95099F9F67E9249A8110A2FBD57128285776632ADB
SHA-512:	A083381C53070B65B3B8A7A7293D5D2674D2F6EC69C0E19748823D3FDD6F527E8D3D31D311CCEF8E26FC531770F101CDAF95F23ECC990DB405B5EF48B0C91BA2
Malicious:	false
Reputation:	low
Preview:	.PNG........IHDR.......0............sRGB.........IDATx..=w....G.z..L.4fN.k\dS..._`..........r...~.F..e._.RZ.0.K.\..CB...1.{qq/..^\|.G..o.......?....Or.......y~....]..V.a.mM...M.\kH..@B`s.$"n...)!.@"b#4. !.9...7.u...hD ....T.........:EJ.4"..X........<\|.pgkk+....>~.....pju1i"b.J.&!.!...=T....k..D7.....O.<.?}......./..(.`0..!.C..'.?..e..~.....l6...._.x1rmR...$\|E...l.WKDH...f..... ...Y.0R....>...{...-..o........,...E../......_....eM.Q....@Q...w sp5.9..l.W)...Pq... .]..B..).../M.G.g....].V...5$<......Eb.9.....>LYAk.Z.k..b..]N%>}4a....4!S...t..d..<.8AH+.../r...._...!qt.:q..fR.:..KW.._...T...5..>.0!.hq.rbND\...XR.,2.uX..Q.b...wQ......g..X...F...~.....ikZE...UA....V.I!..]..Mm..R.....~k.VC.n..V.B#W...\..yI.3.....2........6c....2J....,g..5O1.s.4V2.....f..K..Obf\....;.w...\|.F>F>6_z..P.dU<.wVV......?.q.?&........O.>....l.S.upp....59.C_.......fJ.M.={v,......]Y_....n.?UF....v<.$..AD...p.....:$r =p...C.k.3....n.v..~.TGd!...l.W...s..

Static File Info

⊘No static file info

Network Behavior

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 3, 2024 20:58:06.493161917 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:06.796930075 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:07.402878046 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:08.613904953 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:09.511934042 CEST	49689	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:11.007301092 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.007342100 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.007415056 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.007760048 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.007771969 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.007843971 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.008080959 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.008095026 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.008312941 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.008322954 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.023896933 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:11.573302984 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.574841022 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.574862957 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.575769901 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.575875044 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.578571081 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.581343889 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.581433058 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.581582069 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.581592083 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.581963062 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.581969976 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.583549023 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.583620071 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.589531898 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.589616060 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.630951881 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.630959988 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:11.631367922 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:11.677921057 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.379930019 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.379965067 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.380032063 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.380057096 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.380121946 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.382056952 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.382066965 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.382150888 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.382162094 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.382708073 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.382762909 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.382771969 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.382822990 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.468816996 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.468940973 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.468972921 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.471019030 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.471128941 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.471158028 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.473063946 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.473169088 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.473196030 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.474337101 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.474414110 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.474435091 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.523967028 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.555447102 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:12.555535078 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:12.555666924 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:12.556292057 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.556303978 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.556390047 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.556421995 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.557462931 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:12.557498932 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:12.557939053 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.557993889 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.558007956 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.558024883 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.558054924 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.559279919 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.559353113 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.559361935 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.559391975 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.559444904 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.559654951 CEST	49705	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.559669971 CEST	443	49705	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.565325022 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.565381050 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.565458059 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.565502882 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.566107035 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.566139936 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.566210032 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.566420078 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.566437960 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.566505909 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.566889048 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.566910028 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.566987991 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.567342997 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.567373991 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.567810059 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.567837954 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.568043947 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.568067074 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.568304062 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.568316936 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.611402035 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.732899904 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.734010935 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.734034061 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.734051943 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.734078884 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.734111071 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.734127998 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.735801935 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.735845089 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.735889912 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.735897064 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.735945940 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.819892883 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.819916010 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.819977999 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.820079088 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.820086956 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.820108891 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.820177078 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.820301056 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.820318937 CEST	443	49706	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.820329905 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.820374966 CEST	49706	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.870297909 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.870332956 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:12.870412111 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.870661974 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:12.870676994 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.131187916 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.131504059 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.131565094 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.133198023 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.133508921 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.133652925 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.133667946 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.133708954 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.143034935 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.143235922 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.143249035 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.143663883 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.143932104 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.143990040 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.144047022 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.151628017 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.151844025 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.151854038 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.155138016 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.155200005 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.155453920 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.155530930 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.155565977 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.160741091 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.160933018 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.160952091 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.164036989 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.164115906 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.164424896 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.164509058 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.164561033 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.175899029 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.191396952 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.203394890 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.207423925 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.207887888 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.207887888 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.207905054 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.207912922 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.218275070 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.218358994 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.222332001 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.222342014 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.222744942 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.244014025 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.255886078 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.261893034 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.291400909 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.318552971 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.318600893 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.318698883 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.318718910 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.319677114 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.319736958 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.319751978 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.319760084 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.319763899 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.319797039 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.319818020 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.319840908 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.319849014 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.322164059 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.322232962 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.322247028 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.322982073 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.323132992 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.323148012 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.323159933 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.323209047 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.327174902 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.327222109 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.327285051 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.327301025 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.327361107 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.328303099 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.328327894 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.328345060 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.328407049 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.328435898 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.328449011 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.331656933 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.331741095 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.331757069 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.331815004 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.338248014 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.338677883 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.338793993 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.338809013 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.338845968 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.338905096 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.339206934 CEST	49718	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.339238882 CEST	443	49718	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.343329906 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.343417883 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.343496084 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.343771935 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.343807936 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.365923882 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.412611961 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.412699938 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.412713051 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.412736893 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.412776947 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.413171053 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.413290977 CEST	443	49717	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.413372993 CEST	49717	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.413769007 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.413779974 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.413841009 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.413852930 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.415035009 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.415126085 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.415137053 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.416181087 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.416264057 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.416275024 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.416630030 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.416697979 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.416789055 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.417207956 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.417275906 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.417288065 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.417351961 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.417386055 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.418982983 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.419003010 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.419061899 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.419102907 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.419114113 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.419667959 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.419780970 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.419800997 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.421135902 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.421211958 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.421226025 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.421394110 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.421468019 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.421611071 CEST	49719	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.421639919 CEST	443	49719	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.423943043 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.423979044 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.424045086 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.424216032 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.424232960 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.451338053 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.451540947 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.451550007 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.454066038 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.454129934 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.454391003 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.454500914 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.454622984 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.461905956 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.482208967 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.482368946 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.482393980 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.482408047 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.482424974 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.482431889 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.482444048 CEST	49713	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.482449055 CEST	443	49713	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.503999949 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.504010916 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.504081011 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.504086971 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.504515886 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.504561901 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.504571915 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.504579067 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.504614115 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.505153894 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.505223989 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.505228996 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.506176949 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.506248951 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.506253958 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.506793976 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.506850004 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.506855011 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.507611036 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.507677078 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.507682085 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.507930040 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.507985115 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.507988930 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.508029938 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.508121014 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.508256912 CEST	49716	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.508266926 CEST	443	49716	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.508882999 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.508891106 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.512511969 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.512547970 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.512651920 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.512880087 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.512893915 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.513242960 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.513335943 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.513453960 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.513746023 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:13.513775110 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:13.556878090 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.642704964 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.642729998 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.642797947 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.642816067 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.643654108 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.643666029 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.643727064 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.643774033 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.643784046 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.643809080 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.648013115 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.648057938 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.648087025 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.648093939 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.648200035 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.703612089 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.703711033 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.703847885 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.704133987 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.704178095 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.730288029 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.730324030 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.730372906 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.730417967 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.730505943 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.730628967 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.730654955 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.730659008 CEST	443	49720	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.730773926 CEST	49720	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.945480108 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.948668957 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.948745012 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.950191021 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.950315952 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.950607061 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.950700045 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:13.950787067 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:13.950808048 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.003118992 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.004676104 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.014043093 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.017249107 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.017291069 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.017473936 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.017494917 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.018810987 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.018918037 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.019382000 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.019491911 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.019609928 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.021379948 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.021732092 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.021732092 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.021909952 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.022047043 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.063447952 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.066960096 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.066968918 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.066965103 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.067028046 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.090548038 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.092866898 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.092885971 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.093346119 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.094686031 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.094862938 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.094868898 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.094921112 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.112984896 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.113058090 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.137957096 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.138010025 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.138087034 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.138122082 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.138211966 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.138278008 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.138853073 CEST	49721	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.138885975 CEST	443	49721	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.144951105 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.187262058 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.187419891 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.188608885 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.188627005 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.189055920 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.189960957 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.190640926 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.190659046 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.190716028 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.190732956 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.190785885 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.191498041 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.191504002 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.191592932 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.191608906 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.191673994 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.192219973 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.192226887 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.192287922 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.204716921 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.205367088 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.205389023 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.205406904 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.205487013 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.205487013 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.205526114 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.205744028 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.206126928 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.206146002 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.206243992 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.235404968 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.256989956 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.272286892 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.272347927 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.272458076 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.272478104 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.272701979 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.274189949 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.274210930 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.274329901 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.274337053 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.277712107 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.277843952 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.277851105 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.277966976 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.281697035 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.281721115 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.281776905 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.281833887 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.281862020 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.281899929 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.281966925 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.281985998 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.282042980 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.282124043 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.282180071 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.283581972 CEST	49722	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.283615112 CEST	443	49722	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.288383961 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.291132927 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.291152954 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.291555882 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.291754007 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.291779995 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.291812897 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.291928053 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.291928053 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.291943073 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.292212009 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.292290926 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.292390108 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.292824984 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.292845964 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.293013096 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.293020010 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.293375969 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.293395996 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.293453932 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.293461084 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.293493032 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.294048071 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.294783115 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.294894934 CEST	49723	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.294910908 CEST	443	49723	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.339410067 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.359174967 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.359390974 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.359399080 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.359903097 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.360016108 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.360023022 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.360426903 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.360507965 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.360513926 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.361303091 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.361449003 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.361454964 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.417437077 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.445718050 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.445745945 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.445861101 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.445879936 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.445892096 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.446307898 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.446377993 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.446412086 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.446419954 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.446439028 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.446943045 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.447112083 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.447118998 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.447535992 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.447680950 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.447688103 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.448163986 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.448297977 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.448304892 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449131012 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449311018 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.449316978 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449461937 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449522018 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.449527025 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449665070 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.449672937 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449718952 CEST	443	49724	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.449768066 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.449768066 CEST	49724	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.468260050 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.468344927 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.469161987 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.469209909 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.469295979 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.469295979 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.469295979 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.469295979 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.469369888 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.469433069 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.469458103 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.469527960 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.469650030 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.469706059 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.470391035 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.470412970 CEST	443	49729	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.470434904 CEST	49729	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.474601984 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.474642992 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.474917889 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.474961996 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:14.474971056 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:14.672558069 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:14.782062054 CEST	49725	443	192.168.2.16	184.28.90.27
Oct 3, 2024 20:58:14.782135963 CEST	443	49725	184.28.90.27	192.168.2.16
Oct 3, 2024 20:58:14.840842009 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:14.840887070 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:14.840979099 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:14.841218948 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:14.841233015 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:14.972928047 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:15.042947054 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.043219090 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.043231010 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.043704033 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.044056892 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.044136047 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.044190884 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.083929062 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.083935976 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.236279964 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.236332893 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.236438990 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.236454964 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.236969948 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.237031937 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.237039089 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.237065077 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.237082958 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.237087011 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.237162113 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.237214088 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.237461090 CEST	49731	443	192.168.2.16	13.107.136.10
Oct 3, 2024 20:58:15.237477064 CEST	443	49731	13.107.136.10	192.168.2.16
Oct 3, 2024 20:58:15.489967108 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:15.490308046 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:15.490325928 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:15.492002964 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:15.492094040 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:15.493447065 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:15.493532896 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:15.545883894 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:15.545895100 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:15.577908039 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:15.593882084 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:15.832900047 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:16.785892963 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:19.133063078 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:19.196938038 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:19.435956955 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:20.044342041 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:21.257050037 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:22.872442961 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:22.872495890 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:22.872590065 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:22.874280930 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:22.874304056 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.608469009 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.608628988 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.611380100 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.611402035 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.611804008 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.662683964 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.664333105 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:23.677627087 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.723412037 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908544064 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908601046 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908621073 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908662081 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908677101 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.908711910 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.908725023 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908740997 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908771992 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908787966 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.908798933 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.908832073 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.908845901 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.908979893 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.909106970 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.909157991 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.920094013 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.920114040 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:23.920146942 CEST	49735	443	192.168.2.16	172.202.163.200
Oct 3, 2024 20:58:23.920154095 CEST	443	49735	172.202.163.200	192.168.2.16
Oct 3, 2024 20:58:24.010915995 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:25.383337021 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:25.383455038 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:25.383553982 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:25.434932947 CEST	49673	443	192.168.2.16	204.79.197.203
Oct 3, 2024 20:58:26.283431053 CEST	49732	443	192.168.2.16	172.217.16.132
Oct 3, 2024 20:58:26.283469915 CEST	443	49732	172.217.16.132	192.168.2.16
Oct 3, 2024 20:58:28.467017889 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:58:33.610996008 CEST	49678	443	192.168.2.16	20.189.173.10
Oct 3, 2024 20:58:38.077039003 CEST	49680	80	192.168.2.16	192.229.211.108
Oct 3, 2024 20:59:00.601596117 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:00.601695061 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:00.601871014 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:00.602272987 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:00.602293968 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.629642010 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.629914045 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.631130934 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.631174088 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.631520987 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.633380890 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.675425053 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.961518049 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.961581945 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.961779118 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.961811066 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.961880922 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.961930037 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.961958885 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.962708950 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.962805033 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.962822914 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.962903976 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.963150024 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.963203907 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.963264942 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.963329077 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.964886904 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.964905977 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:01.964921951 CEST	49736	443	192.168.2.16	4.245.163.56
Oct 3, 2024 20:59:01.964927912 CEST	443	49736	4.245.163.56	192.168.2.16
Oct 3, 2024 20:59:15.120886087 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:15.120929956 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:15.121000051 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:15.121279001 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:15.121294975 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:15.770751953 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:15.771049976 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:15.771086931 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:15.772617102 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:15.772908926 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:15.773030996 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:15.816067934 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:25.818001986 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:25.818181992 CEST	443	49738	142.250.186.36	192.168.2.16
Oct 3, 2024 20:59:25.818243980 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:26.282083988 CEST	49738	443	192.168.2.16	142.250.186.36
Oct 3, 2024 20:59:26.282119036 CEST	443	49738	142.250.186.36	192.168.2.16

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Oct 3, 2024 20:58:10.111645937 CEST	53	54121	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:10.129829884 CEST	53	62144	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:10.941981077 CEST	64141	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:10.943103075 CEST	62466	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:11.143440008 CEST	53	55562	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:12.827740908 CEST	63316	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:12.827914000 CEST	53318	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:13.699307919 CEST	53	62864	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:14.830828905 CEST	59015	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:14.830967903 CEST	58354	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:14.839811087 CEST	53	58354	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:14.839935064 CEST	53	59015	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:15.007016897 CEST	51242	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:15.007122993 CEST	50193	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:58:28.079258919 CEST	53	59884	1.1.1.1	192.168.2.16
Oct 3, 2024 20:58:46.973341942 CEST	53	61296	1.1.1.1	192.168.2.16
Oct 3, 2024 20:59:04.669384956 CEST	53	49531	1.1.1.1	192.168.2.16
Oct 3, 2024 20:59:09.433517933 CEST	53	57468	1.1.1.1	192.168.2.16
Oct 3, 2024 20:59:10.067476988 CEST	53	49355	1.1.1.1	192.168.2.16
Oct 3, 2024 20:59:10.835597992 CEST	138	138	192.168.2.16	192.168.2.255
Oct 3, 2024 20:59:14.894140959 CEST	58385	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:59:14.894249916 CEST	55927	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:59:15.019926071 CEST	49889	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:59:15.019927025 CEST	59220	53	192.168.2.16	1.1.1.1
Oct 3, 2024 20:59:15.119774103 CEST	53	55927	1.1.1.1	192.168.2.16
Oct 3, 2024 20:59:15.119817972 CEST	53	58385	1.1.1.1	192.168.2.16
Oct 3, 2024 20:59:39.305891991 CEST	53	58746	1.1.1.1	192.168.2.16

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 3, 2024 20:58:10.941981077 CEST	192.168.2.16	1.1.1.1	0x6d6e	Standard query (0)	ppsd-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:10.943103075 CEST	192.168.2.16	1.1.1.1	0x1368	Standard query (0)	ppsd-my.sharepoint.com	65	IN (0x0001)	false
Oct 3, 2024 20:58:12.827740908 CEST	192.168.2.16	1.1.1.1	0xd19f	Standard query (0)	ppsd-my.sharepoint.com	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:12.827914000 CEST	192.168.2.16	1.1.1.1	0xdab	Standard query (0)	ppsd-my.sharepoint.com	65	IN (0x0001)	false
Oct 3, 2024 20:58:14.830828905 CEST	192.168.2.16	1.1.1.1	0xbcf5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:14.830967903 CEST	192.168.2.16	1.1.1.1	0xfd81	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 3, 2024 20:58:15.007016897 CEST	192.168.2.16	1.1.1.1	0xcde1	Standard query (0)	m365cdn.nel.measure.office.net	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:15.007122993 CEST	192.168.2.16	1.1.1.1	0x1c6b	Standard query (0)	m365cdn.nel.measure.office.net	65	IN (0x0001)	false
Oct 3, 2024 20:59:14.894140959 CEST	192.168.2.16	1.1.1.1	0x89cf	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:59:14.894249916 CEST	192.168.2.16	1.1.1.1	0x606f	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 3, 2024 20:59:15.019926071 CEST	192.168.2.16	1.1.1.1	0xdd9b	Standard query (0)	m365cdn.nel.measure.office.net	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:59:15.019927025 CEST	192.168.2.16	1.1.1.1	0xe52b	Standard query (0)	m365cdn.nel.measure.office.net	65	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	ppsd-my.sharepoint.com	ppsd.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	ppsd.sharepoint.com	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	193267-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:10.984056950 CEST	1.1.1.1	192.168.2.16	0x6d6e	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:11.006553888 CEST	1.1.1.1	192.168.2.16	0x1368	No error (0)	ppsd-my.sharepoint.com	ppsd.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:11.006553888 CEST	1.1.1.1	192.168.2.16	0x1368	No error (0)	ppsd.sharepoint.com	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:11.006553888 CEST	1.1.1.1	192.168.2.16	0x1368	No error (0)	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:11.006553888 CEST	1.1.1.1	192.168.2.16	0x1368	No error (0)	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869445086 CEST	1.1.1.1	192.168.2.16	0xdab	No error (0)	ppsd-my.sharepoint.com	ppsd.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869445086 CEST	1.1.1.1	192.168.2.16	0xdab	No error (0)	ppsd.sharepoint.com	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869445086 CEST	1.1.1.1	192.168.2.16	0xdab	No error (0)	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869445086 CEST	1.1.1.1	192.168.2.16	0xdab	No error (0)	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	ppsd-my.sharepoint.com	ppsd.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	ppsd.sharepoint.com	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	1388-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	193267-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com	193267-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	193267-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net	dual-spo-0005.spo-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	dual-spo-0005.spo-msedge.net		13.107.136.10	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:12.869786978 CEST	1.1.1.1	192.168.2.16	0xd19f	No error (0)	dual-spo-0005.spo-msedge.net		13.107.138.10	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:14.839811087 CEST	1.1.1.1	192.168.2.16	0xfd81	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 3, 2024 20:58:14.839935064 CEST	1.1.1.1	192.168.2.16	0xbcf5	No error (0)	www.google.com		172.217.16.132	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:58:15.015233040 CEST	1.1.1.1	192.168.2.16	0x1c6b	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:58:15.015250921 CEST	1.1.1.1	192.168.2.16	0xcde1	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:59:15.119774103 CEST	1.1.1.1	192.168.2.16	0x606f	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 3, 2024 20:59:15.119817972 CEST	1.1.1.1	192.168.2.16	0x89cf	No error (0)	www.google.com		142.250.186.36	A (IP address)	IN (0x0001)	false
Oct 3, 2024 20:59:15.120256901 CEST	1.1.1.1	192.168.2.16	0xe52b	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 3, 2024 20:59:15.120755911 CEST	1.1.1.1	192.168.2.16	0xdd9b	No error (0)	m365cdn.nel.measure.office.net	nel.measure.office.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false

HTTP Request Dependency Graph

ppsd-my.sharepoint.com

https:

fs.microsoft.com

slscr.update.microsoft.com

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.16	49705	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:11 UTC	767	OUT	GET /:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:12 UTC	1984	IN	HTTP/1.1 200 OK Cache-Control: private Content-Length: 69147 Content-Type: text/html; charset=utf-8 P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,2102272,0,616,3328071,0,1440565,60 X-SharePointHealthScore: 0 X-AspNet-Version: 4.0.30319 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: c05e56a1-6085-6000-7bd1-9cd643460786 request-id: c05e56a1-6085-6000-7bd1-9cd643460786 MS-CV: oVZewIVgAGB70ZzWQ0YHhg.0 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=e7d12be1-4307-493f-9427-cab307da4512&destinationEndpoint=Edge-Prod-EWR31r5d&frontEnd=AFD&RemoteIP=8.46.123.0"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} Strict-Transport-Security: max-age=31536000 X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com teams.cloud.microsoft .office365.com goals.cloud.microsoft .powerapps.com app.powerbi.com .yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft .officeapps.live.com .office.com .microsoft365.com .stream.azure-test.net .microsoftstream.com .dynamics.com .microsoft.com onedrive.live.com .onedrive.live.com securebroker.sharepointonline.com; SPRequestDuration: 611 SPIisLatency: 3 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 106D46BB133142D9BA0B60E0A7088E0A Ref B: EWR311000108023 Ref C: 2024-10-03T18:58:11Z Date: Thu, 03 Oct 2024 18:58:12 GMT Connection: close
2024-10-03 18:58:12 UTC	2186	IN	Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3a 6f 3d 22 75 72 6e 3a 73 63 68 65 6d 61 73 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 3a 6f 66 66 69 63 65 3a 6f 66 66 69 63 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 20 64 69 72 3d 22 6c 74 72 22 3e 0d 0a 3c 68 65 61 64 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 47 45 4e 45 52 41 54 4f 52 22 20 63 6f 6e 74 65 6e 74 3d 22 4d 69 63 72 6f 73 6f 66 74 20 53 68 61 72 65 50 6f 69 6e 74 22 20 2f Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns:o="urn:schemas-microsoft-com:office:office" lang="en-us" dir="ltr"><head><meta name="GENERATOR" content="Microsoft SharePoint" /
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 2c 5b 74 79 70 65 3d 73 75 62 6d 69 74 5d 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 2c 62 75 74 74 6f 6e 3a 2d 6d 6f 7a 2d 66 6f 63 75 73 72 69 6e 67 7b 6f 75 74 6c 69 6e 65 3a 31 70 78 20 64 6f 74 74 65 64 20 42 75 74 74 6f 6e 54 65 78 74 7d 66 69 65 6c 64 73 65 74 7b 70 61 64 64 69 6e 67 3a 2e 33 35 65 6d 20 2e 37 35 65 6d 20 2e 36 32 35 65 6d 7d 6c 65 67 65 6e 64 7b 62 6f 78 2d 73 69 7a 69 6e 67 3a 62 6f 72 64 65 72 2d 62 6f 78 3b 63 6f 6c 6f 72 3a 69 6e 68 65 72 69 74 3b 64 69 73 70 6c 61 79 3a 74 61 62 6c 65 3b 6d 61 78 2d 77 69 64 74 68 3a 31 30 30 25 3b 70 61 64 64 69 6e 67 3a 30 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 72 6d 61 6c 7d 70 72 6f 67 72 65 73 73 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 3b 76 65 72 74 69 63 Data Ascii: ,[type=submit]:-moz-focusring,button:-moz-focusring{outline:1px dotted ButtonText}fieldset{padding:.35em .75em .625em}legend{box-sizing:border-box;color:inherit;display:table;max-width:100%;padding:0;white-space:normal}progress{display:inline-block;vertic
2024-10-03 18:58:12 UTC	4144	IN	Data Raw: 77 65 62 6b 69 74 2d 6f 75 74 65 72 2d 73 70 69 6e 2d 62 75 74 74 6f 6e 7b 6d 61 72 67 69 6e 3a 30 3b 2d 77 65 62 6b 69 74 2d 61 70 70 65 61 72 61 6e 63 65 3a 6e 6f 6e 65 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 7b 2d 6d 6f 7a 2d 61 70 70 65 61 72 61 6e 63 65 3a 74 65 78 74 66 69 65 6c 64 7d 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 3a 3a 2d 6d 73 2d 63 6c 65 61 72 7b 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 7d 2e 64 65 73 6b 74 6f 70 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 3a 35 37 70 78 20 30 20 32 30 70 78 7d 2e 6d 6f 62 69 6c 65 2d 6c 6f 67 6f 7b 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 34 70 78 7d 2e 6d 69 63 72 6f 73 6f 66 74 2d 6c 6f 67 6f 7b 68 65 69 67 68 74 3a 32 34 70 78 3b 77 69 64 74 68 3a 31 31 33 70 78 7d 2e 66 6f 72 6d 2d 69 Data Ascii: webkit-outer-spin-button{margin:0;-webkit-appearance:none}input[type=number]{-moz-appearance:textfield}input[type=number]::-ms-clear{display:none}.desktop-logo{margin:57px 0 20px}.mobile-logo{margin-top:24px}.microsoft-logo{height:24px;width:113px}.form-i
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 37 64 32 36 2d 30 30 39 62 2d 34 66 61 36 2d 62 37 36 62 2d 33 63 34 35 36 63 66 30 36 32 62 33 22 3e 0d 0a 09 09 21 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 27 50 65 72 66 6f 72 6d 61 6e 63 65 4c 6f 6e 67 54 61 73 6b 54 69 6d 69 6e 67 27 20 69 6e 20 77 69 6e 64 6f 77 29 7b 76 61 72 20 67 3d 77 69 6e 64 6f 77 2e 5f 5f 74 74 69 3d 7b 65 3a 5b 5d 7d 3b 67 2e 6f 3d 6e 65 77 20 50 65 72 66 6f 72 6d 61 6e 63 65 4f 62 73 65 72 76 65 72 28 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 67 2e 65 3d 67 2e 65 2e 63 6f 6e 63 61 74 28 6c 2e 67 65 74 45 6e 74 72 69 65 73 28 29 29 7d 29 3b 67 2e 6f 2e 6f 62 73 65 72 76 65 28 7b 65 6e 74 72 79 54 79 70 65 73 3a 5b 27 6c 6f 6e 67 74 61 73 6b 27 5d 7d 29 7d 7d 28 29 3b 0d 0a 09 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 Data Ascii: 7d26-009b-4fa6-b76b-3c456cf062b3">!function(){if('PerformanceLongTaskTiming' in window){var g=window.__tti={e:[]};g.o=new PerformanceObserver(function(l){g.e=g.e.concat(l.getEntries())});g.o.observe({entryTypes:['longtask']})}}();</script><script t
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 3f 64 65 66 69 6e 65 28 74 29 3a 65 2e 45 53 36 50 72 6f 6d 69 73 65 3d 74 28 29 7d 28 74 68 69 73 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 63 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7d 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 65 3d 73 65 74 54 69 6d 65 6f 75 74 3b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 72 2c 31 29 7d 7d 66 75 6e 63 74 69 6f 6e 20 72 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 53 3b 65 2b 3d 32 29 7b 28 30 2c 54 5b 65 5d 29 28 54 5b 65 2b 31 5d 29 2c 54 5b 65 5d 3d 76 6f 69 64 20 30 2c 54 Data Ascii: "==typeof define&&define.amd?define(t):e.ES6Promise=t()}(this,function(){"use strict";function c(e){return"function"==typeof e}function t(){var e=setTimeout;return function(){return e(r,1)}}function r(){for(var e=0;e<S;e+=2){(0,T[e])(T[e+1]),T[e]=void 0,T
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 6e 28 65 2c 74 2c 72 2c 6e 29 7b 76 61 72 20 69 2c 6f 2c 73 3d 64 65 66 43 6f 6e 74 65 78 74 4e 61 6d 65 3b 69 66 28 21 69 73 41 72 72 61 79 28 65 29 26 26 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 65 29 7b 6f 3d 65 3b 69 66 28 69 73 41 72 72 61 79 28 74 29 29 7b 65 3d 74 3b 74 3d 72 3b 72 3d 6e 7d 65 6c 73 65 20 65 3d 5b 5d 7d 6f 26 26 6f 2e 63 6f 6e 74 65 78 74 26 26 28 73 3d 6f 2e 63 6f 6e 74 65 78 74 29 3b 69 3d 28 69 3d 67 65 74 4f 77 6e 28 63 6f 6e 74 65 78 74 73 2c 73 29 29 7c 7c 28 63 6f 6e 74 65 78 74 73 5b 73 5d 3d 72 65 71 2e 73 2e 6e 65 77 43 6f 6e 74 65 78 74 28 73 29 29 3b 6f 26 26 69 2e 63 6f 6e 66 69 67 75 72 65 28 6f 29 3b 72 65 74 75 72 6e 20 69 2e 72 65 71 75 69 72 65 28 65 2c 74 2c 72 29 7d 3b 72 65 71 2e 63 6f 6e 66 69 67 3d Data Ascii: n(e,t,r,n){var i,o,s=defContextName;if(!isArray(e)&&"string"!=typeof e){o=e;if(isArray(t)){e=t;t=r;r=n}else e=[]}o&&o.context&&(s=o.context);i=(i=getOwn(contexts,s))\|\|(contexts[s]=req.s.newContext(s));o&&i.configure(o);return i.require(e,t,r)};req.config=
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 61 70 2e 69 64 5d 3a 6e 75 6c 6c 3b 74 2e 72 65 71 75 69 72 65 54 79 70 65 3d 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 3f 22 64 65 66 69 6e 65 22 3a 22 72 65 71 75 69 72 65 22 3b 72 65 74 75 72 6e 20 6a 28 74 68 69 73 2e 65 72 72 6f 72 3d 74 29 7d 7d 65 6c 73 65 20 69 3d 6f 3b 74 68 69 73 2e 65 78 70 6f 72 74 73 3d 69 3b 69 66 28 74 68 69 73 2e 6d 61 70 2e 69 73 44 65 66 69 6e 65 26 26 21 74 68 69 73 2e 69 67 6e 6f 72 65 29 7b 6d 5b 72 5d 3d 69 3b 69 66 28 72 65 71 2e 6f 6e 52 65 73 6f 75 72 63 65 4c 6f 61 64 29 7b 76 61 72 20 73 3d 5b 5d 3b 65 61 63 68 28 74 68 69 73 2e 64 65 70 4d 61 70 73 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 73 2e 70 75 73 68 28 65 2e 6e 6f 72 6d 61 6c 69 7a 65 64 4d 61 70 7c 7c 65 29 7d 29 3b 72 65 71 2e 6f 6e 52 65 73 6f Data Ascii: ap.id]:null;t.requireType=this.map.isDefine?"define":"require";return j(this.error=t)}}else i=o;this.exports=i;if(this.map.isDefine&&!this.ignore){m[r]=i;if(req.onResourceLoad){var s=[];each(this.depMaps,function(e){s.push(e.normalizedMap\|\|e)});req.onReso
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 65 64 4d 6f 64 75 6c 65 73 20 3d 20 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 6d 6f 64 75 6c 65 73 46 61 6c 6c 65 64 42 61 63 6b 3b 0d 0a 20 20 20 20 20 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 70 75 73 68 28 6d 6f 64 75 6c 65 49 64 29 3b 0d 0a 20 20 20 20 20 20 69 66 20 28 21 66 61 69 6c 4f 76 65 72 53 74 61 74 65 2e 62 61 73 65 55 72 6c 46 61 69 6c 65 64 4f 76 65 72 20 26 26 20 66 61 69 6c 65 64 4d 6f 64 75 6c 65 73 2e 6c 65 6e 67 74 68 20 3e 3d 20 32 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 64 20 69 6e 20 70 61 74 68 73 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 76 61 72 20 69 74 65 6d 73 20 3d 20 70 61 74 68 73 5b 69 64 5d 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 69 66 20 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 69 Data Ascii: edModules = failOverState.modulesFalledBack; failedModules.push(moduleId); if (!failOverState.baseUrlFailedOver && failedModules.length >= 2) { for (var id in paths) { var items = paths[id]; if (Array.isArray(i
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0d 0a 2f 2f 3c 21 5b 43 44 41 54 41 5b 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 4f 6e 53 75 62 6d 69 74 28 29 20 7b 0d 0a 69 66 20 28 74 79 70 65 6f 66 28 56 61 6c 69 64 61 74 6f 72 4f 6e 53 75 62 6d 69 74 29 20 3d 3d 20 22 66 75 6e 63 74 69 6f 6e 22 20 26 26 20 56 61 6c 69 64 61 74 6f 72 4f 6e 53 75 62 6d 69 74 28 29 20 3d 3d 20 66 61 6c 73 65 29 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 69 66 20 28 74 79 70 65 6f 66 28 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 29 20 21 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 72 65 74 75 72 6e 20 5f 73 70 46 6f 72 6d 4f 6e 53 75 62 6d 69 74 57 72 61 70 70 65 72 28 29 3b 7d 20 65 6c 73 65 20 7b 72 65 74 75 72 6e 20 74 72 Data Ascii: "text/javascript">//<![CDATA[function WebForm_OnSubmit() {if (typeof(ValidatorOnSubmit) == "function" && ValidatorOnSubmit() == false) return false;if (typeof(_spFormOnSubmitWrapper) != 'undefined') {return _spFormOnSubmitWrapper();} else {return tr
2024-10-03 18:58:12 UTC	5473	IN	Data Raw: 6f 6e 66 75 6e 63 74 69 6f 6e 20 3d 20 22 52 65 67 75 6c 61 72 45 78 70 72 65 73 73 69 6f 6e 56 61 6c 69 64 61 74 6f 72 45 76 61 6c 75 61 74 65 49 73 56 61 6c 69 64 22 3b 0d 0a 09 56 61 6c 69 64 61 74 65 54 4f 41 41 45 4d 61 69 6c 2e 76 61 6c 69 64 61 74 69 6f 6e 65 78 70 72 65 73 73 69 6f 6e 20 3d 20 22 5e 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 40 5b 5e 20 5c 5c 72 5c 5c 74 5c 5c 6e 5c 5c 66 40 5d 2b 24 22 3b 0d 0a 09 76 61 72 20 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 20 3f 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 22 49 6e 63 6f 72 72 65 63 74 54 4f 41 41 45 4d 61 69 6c 22 5d 20 3a 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 49 6e 63 6f 72 72 65 Data Ascii: onfunction = "RegularExpressionValidatorEvaluateIsValid";ValidateTOAAEMail.validationexpression = "^[^ \\r\\t\\n\\f@]+@[^ \\r\\t\\n\\f@]+$";var IncorrectTOAAEMail = document.all ? document.all["IncorrectTOAAEMail"] : document.getElementById("Incorre

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.16	49706	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:12 UTC	778	OUT	GET /WebResource.axd?d=kE_MFfymnDk6lA1RMVqxGaRaQoEINe2xGiBGeBLMXywW-cfkYYdrgWtlEsrsbfXAtLQDkihhYPPGLMnPJSM8Hcuy-VmJFgGViECedzlWJDA1&t=638588829843638381 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:12 UTC	756	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 23063 Content-Type: application/x-javascript Expires: Fri, 03 Oct 2025 09:36:07 GMT Last-Modified: Sat, 10 Aug 2024 17:36:24 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,197625,0,55447,224 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 62B817899F9941B5A3619902287D53C2 Ref B: EWR311000106027 Ref C: 2024-10-03T18:58:12Z Date: Thu, 03 Oct 2024 18:58:12 GMT Connection: close
2024-10-03 18:58:12 UTC	382	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.val
2024-10-03 18:58:12 UTC	8192	IN	Data Raw: 69 65 6e 74 53 75 62 6d 69 74 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 44 6f 50 6f 73 74 42 61 63 6b 57 69 74 68 4f 70 74 69 6f 6e 73 28 6f 70 74 69 6f 6e 73 29 20 7b 0d 0a 20 20 20 20 76 61 72 20 76 61 6c 69 64 61 74 69 6f 6e 52 65 73 75 6c 74 20 3d 20 74 72 75 65 3b 0d 0a 20 20 20 20 69 66 20 28 6f 70 74 69 6f 6e 73 2e 76 61 6c 69 64 61 74 69 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 50 61 67 65 5f 43 6c 69 65 6e 74 56 61 6c 69 64 61 74 65 29 20 3d 3d 20 27 66 75 6e 63 74 69 6f 6e 27 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 69 64 61 74 69 6f 6e 52 65 73 75 6c 74 20 3d 20 50 61 67 65 5f 43 6c 69 65 6e 74 56 61 6c 69 64 61 74 65 28 6f 70 74 69 6f 6e 73 2e 76 61 6c 69 64 61 Data Ascii: ientSubmit;}function WebForm_DoPostBackWithOptions(options) { var validationResult = true; if (options.validation) { if (typeof(Page_ClientValidate) == 'function') { validationResult = Page_ClientValidate(options.valida
2024-10-03 18:58:12 UTC	7176	IN	Data Raw: 75 65 20 3d 20 63 61 6c 6c 62 61 63 6b 49 6e 64 65 78 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 52 65 71 75 65 73 74 46 72 61 6d 65 2e 64 6f 63 75 6d 65 6e 74 2e 66 6f 72 6d 73 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 63 61 6c 6c 62 61 63 6b 49 6e 64 65 78 46 69 65 6c 64 45 6c 65 6d 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 78 6d 6c 52 65 71 75 65 73 74 46 72 61 6d 65 2e 64 6f 63 75 6d 65 6e 74 2e 66 6f 72 6d 73 5b 30 5d 2e 73 75 62 6d 69 74 28 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 7d 2c 20 31 30 29 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 43 61 6c 6c 62 61 63 6b 43 6f 6d 70 6c 65 74 65 28 29 20 7b 0d 0a 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 20 3d 20 30 3b 20 69 20 3c 20 Data Ascii: ue = callbackIndex; xmlRequestFrame.document.forms[0].appendChild(callbackIndexFieldElement); xmlRequestFrame.document.forms[0].submit(); } }, 10);}function WebForm_CallbackComplete() { for (var i = 0; i <
2024-10-03 18:58:12 UTC	7313	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 74 61 72 67 65 74 5d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 Data Ascii: defaultButton = document.all[target]; } if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser)

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.16	49717	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	843	OUT	GET /ScriptResource.axd?d=i1-jn0fYCre21w0-eJYxV9dL3mpCUB5YM_qn_70zNb4Ro7pNPGe92v7J8TTVJ5bMoPVLoAtFLg6reT2SteKxyl5t1mOqcKO1Ed0w5Zs5rGE33IykJT8wD71j-uwSfSghFOiIhRFl5fHZa5NePaiJA4qrBPnn6zuujk7s8z061Vo1&t=ffffffffedc3492c HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:13 UTC	773	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 26951 Content-Type: application/x-javascript; charset=utf-8 Expires: Fri, 03 Oct 2025 18:58:13 GMT Last-Modified: Thu, 03 Oct 2024 18:58:13 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,109,326222,0,464347,60 X-AspNet-Version: 4.0.30319 SPRequestDuration: 5 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 22EB76247053403199B0B9FAE3D4B044 Ref B: EWR311000106049 Ref C: 2024-10-03T18:58:13Z Date: Thu, 03 Oct 2024 18:58:12 GMT Connection: close
2024-10-03 18:58:13 UTC	1455	IN	Data Raw: 76 61 72 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 56 65 72 20 3d 20 22 31 32 35 22 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 73 56 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 42 6c 6f 63 6b 53 75 62 6d 69 74 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 6e 76 61 6c 69 64 43 6f 6e 74 72 6f 6c 54 6f 42 65 46 6f 63 75 73 65 64 20 3d 20 6e 75 6c 6c 3b 0d 0a 76 61 72 20 50 61 67 65 5f 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 66 69 6c 65 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c 6e 75 6d 62 65 72 7c 72 61 6e 67 65 7c 63 6f 6c 6f 72 7c 64 61 74 65 74 69 6d 65 7c 64 61 74 65 7c 6d 6f 6e 74 68 7c 77 65 65 6b 7c 74 69 6d 65 7c 64 61 74 65 74 69 6d 65 Data Ascii: var Page_ValidationVer = "125";var Page_IsValid = true;var Page_BlockSubmit = false;var Page_InvalidControlToBeFocused = null;var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 72 6f 6c 28 63 74 72 6c 2c 20 76 61 6c 29 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 20 20 20 20 76 61 6c 2e 69 73 76 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 20 20 20 20 20 20 20 20 76 61 6c 2e 65 6e 61 62 6c 65 64 20 3d 20 66 61 6c 73 65 3b 0d 0a 20 20 20 20 7d 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 56 61 6c 69 64 61 74 6f 72 48 6f 6f 6b 75 70 43 6f 6e 74 72 6f 6c 28 63 6f 6e 74 72 6f 6c 2c 20 76 61 6c 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 63 6f 6e 74 72 6f 6c 2e 74 61 67 4e 61 6d 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 3b 20 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 69 66 20 28 63 6f 6e 74 72 6f 6c 2e 74 61 67 4e 61 6d 65 20 21 3d 20 Data Ascii: rol(ctrl, val); } else { val.isvalid = true; val.enabled = false; }}function ValidatorHookupControl(control, val) { if (typeof(control.tagName) != "string") { return; } if (control.tagName !=
2024-10-03 18:58:13 UTC	6086	IN	Data Raw: 6c 65 43 6f 6e 74 61 69 6e 65 72 28 63 74 72 6c 2e 70 61 72 65 6e 74 4e 6f 64 65 29 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 49 73 56 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 4d 61 74 63 68 28 63 6f 6e 74 72 6f 6c 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7c 7c 20 28 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 20 3d 3d 20 6e 75 6c 6c 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 76 61 72 20 63 6f 6e 74 72 6f 6c 47 72 6f 75 70 20 3d 20 22 Data Ascii: leContainer(ctrl.parentNode); } return true;}function IsValidationGroupMatch(control, validationGroup) { if ((typeof(validationGroup) == "undefined") \|\| (validationGroup == null)) { return true; } var controlGroup = "
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 75 65 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 29 3b 0d 0a 20 20 20 20 69 66 20 28 56 61 6c 69 64 61 74 6f 72 54 72 69 6d 28 76 61 6c 75 65 29 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 76 61 72 20 63 6f 6d 70 61 72 65 54 6f 20 3d 20 22 22 3b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 28 74 79 70 65 6f 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7c 7c 0d Data Ascii: ue(val.controltovalidate); if (ValidatorTrim(value).length == 0) return true; var compareTo = ""; if ((typeof(val.controltocompare) != "string") \|\| (typeof(document.getElementById(val.controltocompare)) == "undefined") \|\|
2024-10-03 18:58:13 UTC	3026	IN	Data Raw: 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6c 65 6e 67 74 68 20 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 6e 67 74 68 20 2b 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 79 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 69 65 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6c 65 6e 67 74 68 3b 0d 0a 20 20 20 20 20 20 20 20 Data Ascii: var length = parseSpecificAttribute(selector, dataValidationAttribute, Page_Validators); length += parseSpecificAttribute(selector, dataValidationSummaryAttribute, Page_ValidationSummaries); return length;

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.16	49716	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	856	OUT	GET /ScriptResource.axd?d=316q7TOCatO3Ingg_2toqHYgSztx0kmzxudaxTXeVxsDvdWPW2qKKfmmtTdjs2iKQnJaH-dVFlchcLUOhXPwmHjLnK_GH0ffEcENjUBVh2KHipw8vrRTA_8i3ehkxBzmxOw9znwxubvbpOd-V87wK26zPVBt5BRmiSbeGCtXwiQgyOdha9awNWx5GJc-3fb80&t=7a0cc936 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:13 UTC	768	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 102801 Content-Type: application/x-javascript; charset=utf-8 Expires: Fri, 03 Oct 2025 17:19:13 GMT Last-Modified: Thu, 03 Oct 2024 17:19:13 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,842,0,26877,46 X-AspNet-Version: 4.0.30319 SPRequestDuration: 3 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 4C690082A3F541AF800CD0BC77DDC156 Ref B: EWR311000107035 Ref C: 2024-10-03T18:58:13Z Date: Thu, 03 Oct 2024 18:58:12 GMT Connection: close
2024-10-03 18:58:13 UTC	1878	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 6d 65 74 65 72 54 79 70 65 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 63 2c 6b 2c 6a 2c 68 2c 64 29 7b 76 61 72 20 61 2c 67 3b 69 66 28 74 79 70 65 6f 66 20 62 3d 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 69 66 28 68 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 6c 73 65 7b 61 3d 45 72 72 6f 72 2e 61 72 67 75 6d 65 6e 74 55 6e 64 65 66 69 6e 65 64 28 64 29 3b 61 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 61 7d 69 66 28 62 3d 3d 3d 6e 75 6c 6c 29 69 66 28 68 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 6c 73 65 7b 61 3d 45 72 72 6f 72 2e 61 72 67 75 6d 65 6e 74 4e 75 6c 6c 28 64 29 3b 61 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 61 7d 69 66 28 63 26 26 63 2e 5f 5f 65 6e 75 6d 29 7b 69 66 28 74 79 70 65 6f 66 20 Data Ascii: meterType=function(b,c,k,j,h,d){var a,g;if(typeof b==="undefined")if(h)return null;else{a=Error.argumentUndefined(d);a.popStackFrame();return a}if(b===null)if(h)return null;else{a=Error.argumentNull(d);a.popStackFrame();return a}if(c&&c.__enum){if(typeof
2024-10-03 18:58:13 UTC	5668	IN	Data Raw: 66 61 6c 73 65 3b 72 65 74 75 72 6e 20 21 21 61 2e 5f 5f 6e 61 6d 65 73 70 61 63 65 7d 3b 54 79 70 65 2e 70 61 72 73 65 3d 66 75 6e 63 74 69 6f 6e 28 74 79 70 65 4e 61 6d 65 2c 6e 73 29 7b 76 61 72 20 66 6e 3b 69 66 28 6e 73 29 7b 66 6e 3d 53 79 73 2e 5f 5f 75 70 70 65 72 43 61 73 65 54 79 70 65 73 5b 6e 73 2e 67 65 74 4e 61 6d 65 28 29 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 2b 22 2e 22 2b 74 79 70 65 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 5d 3b 72 65 74 75 72 6e 20 66 6e 7c 7c 6e 75 6c 6c 7d 69 66 28 21 74 79 70 65 4e 61 6d 65 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 69 66 28 21 54 79 70 65 2e 5f 5f 68 74 43 6c 61 73 73 65 73 29 54 79 70 65 2e 5f 5f 68 74 43 6c 61 73 73 65 73 3d 7b 7d 3b 66 6e 3d 54 79 70 65 2e 5f 5f 68 74 43 6c 61 73 73 Data Ascii: false;return !!a.__namespace};Type.parse=function(typeName,ns){var fn;if(ns){fn=Sys.__upperCaseTypes[ns.getName().toUpperCase()+"."+typeName.toUpperCase()];return fn\|\|null}if(!typeName)return null;if(!Type.__htClasses)Type.__htClasses={};fn=Type.__htClass
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 74 41 72 67 73 29 3b 54 79 70 65 2e 72 65 67 69 73 74 65 72 4e 61 6d 65 73 70 61 63 65 28 22 53 79 73 2e 55 49 22 29 3b 53 79 73 2e 5f 44 65 62 75 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 53 79 73 2e 5f 44 65 62 75 67 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29 77 69 6e 64 Data Ascii: tArgs);Type.registerNamespace("Sys.UI");Sys._Debug=function(){};Sys._Debug.prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)wind
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 2d 31 2c 5b 62 5d 2c 63 29 29 3b 72 65 74 75 72 6e 20 74 72 75 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 65 6d 6f 76 65 41 74 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 69 66 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e Data Ascii: -1,[b],c));return true}return false};Sys.Observer.removeAt=function(b,a){if(a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Observer.
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 29 7b 69 66 28 61 3c 31 30 29 72 65 74 75 72 6e 20 22 30 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 29 72 65 74 75 72 6e 20 22 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 30 29 72 65 74 75 72 6e 20 22 30 22 2b 61 3b 72 65 74 75 72 6e 20 61 2e 74 6f 53 74 72 69 6e 67 28 29 7d 76 61 72 20 68 2c 70 2c 74 3d 2f 28 5b 5e 64 5d 7c 5e 29 28 64 7c 64 64 29 28 5b 5e 64 5d 7c 24 29 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 69 66 28 68 7c 7c 70 29 72 65 74 75 72 6e 20 68 3b 68 3d 74 2e 74 65 73 74 28 65 29 3b 70 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 68 7d 76 61 72 20 71 3d 30 2c 6f 3d 44 61 74 65 2e 5f 67 65 74 54 6f 6b 65 6e 52 65 67 45 78 70 28 29 2c 66 3b 69 66 28 21 6b 26 26 6e Data Ascii: ng()}function v(a){if(a<10)return "000"+a;else if(a<100)return "00"+a;else if(a<1000)return "0"+a;return a.toString()}var h,p,t=/([^d]\|^)(d\|dd)([^d]\|$)/g;function s(){if(h\|\|p)return h;h=t.test(e);p=true;return h}var q=0,o=Date._getTokenRegExp(),f;if(!k&&n
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 41 72 72 61 79 28 74 68 69 73 2e 64 61 74 65 54 69 6d 65 46 6f 72 6d 61 74 2e 41 62 62 72 65 76 69 61 74 65 64 44 61 79 4e 61 6d 65 73 29 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69 6f 6e 28 61 Data Ascii: _upperAbbrDays=this._toUpperArray(this.dateTimeFormat.AbbreviatedDayNames);return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:function(a
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 29 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 4f 70 65 72 61 7c 7c 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e Data Ascii: )if(Sys.Browser.agent===Sys.Browser.Opera\|\|Sys.Browser.agent===Sys.Browser.FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serialization.
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 58 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 59 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 Data Ascii: peof a.offsetX!=="undefined"&&typeof a.offsetY!=="undefined"){this.offsetX=a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElement._g
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 61 29 7b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 29 7b 76 61 72 20 62 3d 61 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 7c 7c 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 43 75 72 72 65 6e 74 53 74 79 6c 65 28 61 29 3b 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 62 3f 62 2e 64 69 73 70 6c 61 79 3a 6e 75 6c 6c 3b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 7c 7c 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 3d 3d 22 6e 6f 6e 65 22 29 73 77 69 74 63 68 28 61 2e 74 61 67 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7b 63 61 73 65 20 22 44 49 56 22 3a 63 61 73 65 20 22 50 22 3a 63 61 73 65 20 22 41 44 44 52 45 53 53 22 3a 63 61 73 65 20 22 42 4c 4f 43 4b 51 55 4f 54 45 22 Data Ascii: a){if(!a._oldDisplayMode){var b=a.currentStyle\|\|Sys.UI.DomElement._getCurrentStyle(a);a._oldDisplayMode=b?b.display:null;if(!a._oldDisplayMode\|\|a._oldDisplayMode==="none")switch(a.tagName.toUpperCase()){case "DIV":case "P":case "ADDRESS":case "BLOCKQUOTE"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.16	49719	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	856	OUT	GET /ScriptResource.axd?d=8jMBPwzCJimnOVs7u_PCEtqHHK5YJE1izSBKQXgq0N-ynz3hOttN4eeaUAeSykQph47rTDEjerEtYWHA57cT5KHwGGM6fqcp-Pvzmr7Naa7dfKceZbmRXVaBYNLI0Tg7D2K8YRwy_4TpnFsYQecwvZiEp54qCAMHuenwWD_iWiXK7ibFJS1r8r6MQ5RkgjXG0&t=7a0cc936 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:13 UTC	767	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 40326 Content-Type: application/x-javascript; charset=utf-8 Expires: Fri, 03 Oct 2025 14:27:53 GMT Last-Modified: Thu, 03 Oct 2024 14:27:53 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,235,0,26712,42 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: A7E246DA2D54430384E5908E325D6F9B Ref B: EWR311000102035 Ref C: 2024-10-03T18:58:13Z Date: Thu, 03 Oct 2024 18:58:12 GMT Connection: close
2024-10-03 18:58:13 UTC	3403	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 69 73 2e 5f 65 76 65 6e 74 73 29 64 65 6c 65 74 65 20 74 68 69 73 2e 5f 65 76 65 6e 74 73 3b 74 68 69 73 2e 5f 73 65 73 73 69 6f 6e 73 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 63 75 72 72 65 6e 74 53 65 73 73 69 6f 6e 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 73 63 72 69 70 74 4c 6f 61 64 65 64 44 65 6c 65 67 61 74 65 3d 6e 75 6c 6c 7d 2c 6c 6f 61 64 53 63 72 69 70 74 73 3a 66 75 6e 63 74 69 6f 6e 28 64 2c 62 2c 63 2c 61 29 7b 76 61 72 20 65 3d 7b 61 6c 6c 53 63 72 69 70 74 73 4c 6f 61 64 65 64 43 61 6c 6c 62 61 63 6b 3a 62 2c 73 63 72 69 70 74 4c 6f 61 64 46 61 69 6c 65 64 43 61 6c 6c 62 61 63 6b 3a 63 2c 73 63 72 69 70 74 4c 6f 61 64 54 69 6d 65 6f 75 74 43 61 6c 6c 62 61 63 6b 3a 61 2c 73 63 72 69 70 74 73 54 6f 4c 6f 61 64 3a 74 68 69 73 2e 5f 73 63 72 69 70 74 Data Ascii: is._events)delete this._events;this._sessions=null;this._currentSession=null;this._scriptLoadedDelegate=null},loadScripts:function(d,b,c,a){var e={allScriptsLoadedCallback:b,scriptLoadFailedCallback:c,scriptLoadTimeoutCallback:a,scriptsToLoad:this._script
2024-10-03 18:58:13 UTC	4144	IN	Data Raw: 72 6d 73 2e 50 61 67 65 52 65 71 75 65 73 74 4d 61 6e 61 67 65 72 53 65 72 76 65 72 45 72 72 6f 72 45 78 63 65 70 74 69 6f 6e 3a 20 22 2b 28 64 7c 7c 53 74 72 69 6e 67 2e 66 6f 72 6d 61 74 28 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 52 65 73 2e 50 52 4d 5f 53 65 72 76 65 72 45 72 72 6f 72 2c 61 29 29 2c 62 3d 45 72 72 6f 72 2e 63 72 65 61 74 65 28 63 2c 7b 6e 61 6d 65 3a 22 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 50 61 67 65 52 65 71 75 65 73 74 4d 61 6e 61 67 65 72 53 65 72 76 65 72 45 72 72 6f 72 45 78 63 65 70 74 69 6f 6e 22 2c 68 74 74 70 53 74 61 74 75 73 43 6f 64 65 3a 61 7d 29 3b 62 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 63 72 65 61 74 65 50 61 67 65 52 65 71 75 65 73 74 4d 61 6e 61 67 65 72 50 61 72 73 65 Data Ascii: rms.PageRequestManagerServerErrorException: "+(d\|\|String.format(Sys.WebForms.Res.PRM_ServerError,a)),b=Error.create(c,{name:"Sys.WebForms.PageRequestManagerServerErrorException",httpStatusCode:a});b.popStackFrame();return b},_createPageRequestManagerParse
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 64 61 74 65 28 61 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 69 66 28 64 29 7b 69 66 28 74 79 70 65 6f 66 20 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 6e 75 6c 6c 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 2e 6c 65 6e 67 74 68 3e 30 29 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 3d 61 2e 61 63 74 69 6f 6e 55 72 6c 3b 69 66 28 61 2e 74 72 61 63 6b 46 6f 63 75 73 29 7b 76 61 72 20 63 3d 74 68 65 46 6f 72 6d 2e 65 6c 65 6d 65 6e 74 73 5b 22 5f 5f 4c 41 53 54 46 4f 43 55 53 22 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d Data Ascii: date(a.validationGroup);if(d){if(typeof a.actionUrl!="undefined"&&a.actionUrl!=null&&a.actionUrl.length>0)theForm.action=a.actionUrl;if(a.trackFocus){var c=theForm.elements["__LASTFOCUS"];if(typeof c!="undefined"&&c!=null)if(typeof document.activeElement=
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 7b 62 2e 61 70 70 65 6e 64 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 7d 76 61 72 20 63 3d 6e 65 77 20 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2c 61 3d 77 2e 61 63 74 69 6f 6e 3b 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 49 6e 74 65 72 6e 65 74 45 78 70 6c 6f 72 65 72 29 7b 76 61 72 20 72 3d 61 2e 69 6e 64 65 78 4f 66 28 22 23 22 29 3b 69 66 28 72 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 30 2c 72 29 3b 76 61 72 20 6f 3d 22 22 2c 76 3d 22 22 2c 6d 3d 61 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 3b 69 66 28 6d 21 3d 3d 2d 31 Data Ascii: dditionalInput){b.append(this._additionalInput);this._additionalInput=null}var c=new Sys.Net.WebRequest,a=w.action;if(Sys.Browser.agent===Sys.Browser.InternetExplorer){var r=a.indexOf("#");if(r!==-1)a=a.substr(0,r);var o="",v="",m=a.indexOf("?");if(m!==-1
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 73 65 73 5b 61 5d 2c 62 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 62 29 7b 69 66 28 62 2e 65 78 65 63 75 74 6f 72 2e 67 65 74 5f 77 65 62 52 65 71 75 65 73 74 28 29 21 3d 3d 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 63 6f 6d 6d 69 74 43 6f 6e 74 72 6f 6c 73 28 62 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 2c 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 3f 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 2e 63 6f 6e 74 65 6e 74 3a 6e 75 6c 6c 29 3b 69 66 28 62 2e 66 6f 72 6d 41 63 74 69 6f 6e 4e 6f 64 65 29 74 68 69 73 2e 5f 66 6f 72 6d 2e 61 63 74 69 6f 6e 3d 62 2e 66 Data Ascii: ses[a],b)},_scriptIncludesLoadComplete:function(e,b){if(b.executor.get_webRequest()!==this._request)return;this._commitControls(b.updatePanelData,b.asyncPostBackTimeoutNode?b.asyncPostBackTimeoutNode.content:null);if(b.formActionNode)this._form.action=b.f
2024-10-03 18:58:13 UTC	11	IN	Data Raw: 61 6e 20 6f 6e 63 65 2e 22 7d 3b Data Ascii: an once."};

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.16	49718	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	728	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:13 UTC	729	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Sat, 28 Sep 2024 03:15:52 GMT Accept-Ranges: bytes ETag: "43a6ab95411db1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,0,427085,0,432732,60 SPRequestDuration: 3 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: C4B92A78B0744AB5852CCBBF9D38F8F8 Ref B: EWR311000107019 Ref C: 2024-10-03T18:58:13Z Date: Thu, 03 Oct 2024 18:58:13 GMT Connection: close
2024-10-03 18:58:13 UTC	557	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"
2024-10-03 18:58:13 UTC	2774	IN	Data Raw: 08 98 5d 4e 25 3e 7d 34 61 87 d3 0f ed 9e 34 21 53 e7 2e 15 74 dc d0 64 db e1 be 83 3c ad 38 41 48 2b a2 8f c8 2f 72 ef e9 d3 a7 bd 5f c4 f8 9c 21 71 74 05 3a 71 8a b1 66 52 f7 3a a7 83 4b 57 91 f2 5f 16 01 c8 54 1b 0f f4 35 dd 17 3e c2 30 21 8f 68 71 c9 bd 72 62 4e 44 5c d2 b7 10 a1 58 52 1c 2c 32 e4 ad 75 58 d0 d8 51 f2 62 a6 a0 a3 77 51 1d 91 ee f3 0a bc 67 08 ea 58 a5 ec 17 46 e0 b6 1f 9f 7e 1a fb ba cb c8 69 6b 5a 45 ed 1c f1 86 55 41 08 9d f3 06 56 8e 49 21 ef 85 ec 5d 9f e6 4d 6d e9 ea 52 fe d7 83 80 b6 96 7e 6b 9a 56 43 df 6e 95 9c 56 c4 2a 42 23 57 14 f0 bc aa 2e 5c dd b2 bc 79 49 a3 33 c1 e2 82 cc 93 85 90 32 09 81 06 04 d2 8a e8 00 c3 36 63 c8 e1 ba f2 b6 13 32 4a 2e 1d b3 c6 2c 67 82 c2 9b 35 4f 31 1e 73 ef 34 56 32 05 da d2 f2 d2 66 b1 1a 4b Data Ascii: ]N%>}4a4!S.td<8AH+/r_!qt:qfR:KW_T5>0!hqrbND\XR,2uXQbwQgXF~ikZEUAVI!]MmR~kVCnV*B#W.\yI326c2J.,g5O1s4V2fK

Session ID	Source IP	Source Port	Destination IP	Destination Port
6	192.168.2.16	49713	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-03 18:58:13 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF70) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=251220 Date: Thu, 03 Oct 2024 18:58:13 GMT Connection: close X-CID: 2

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.16	49720	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	493	OUT	GET /WebResource.axd?d=kE_MFfymnDk6lA1RMVqxGaRaQoEINe2xGiBGeBLMXywW-cfkYYdrgWtlEsrsbfXAtLQDkihhYPPGLMnPJSM8Hcuy-VmJFgGViECedzlWJDA1&t=638588829843638381 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:13 UTC	757	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 23063 Content-Type: application/x-javascript Expires: Fri, 03 Oct 2025 08:49:10 GMT Last-Modified: Thu, 05 Sep 2024 22:57:14 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,525568,0,543,9184,0,118169,177 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: A1E6AE6947A14915946E2BB26E6F6AB2 Ref B: EWR311000107047 Ref C: 2024-10-03T18:58:13Z Date: Thu, 03 Oct 2024 18:58:13 GMT Connection: close
2024-10-03 18:58:13 UTC	1459	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.val
2024-10-03 18:58:13 UTC	8192	IN	Data Raw: 74 69 76 65 2e 69 64 2e 6c 65 6e 67 74 68 20 3e 20 30 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6c 61 73 74 46 6f 63 75 73 2e 76 61 6c 75 65 20 3d 20 61 63 74 69 76 65 2e 69 64 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 6c 73 65 20 69 66 20 28 74 79 70 65 6f 66 28 61 63 74 69 76 65 2e 6e 61 6d 65 29 20 21 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6c 61 73 74 46 6f 63 75 73 2e 76 61 6c 75 65 20 3d 20 61 63 74 69 76 65 2e 6e 61 6d 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: tive.id.length > 0)) { lastFocus.value = active.id; } else if (typeof(active.name) != "undefined") { lastFocus.value = active.name;
2024-10-03 18:58:13 UTC	6098	IN	Data Raw: 3d 3d 20 22 73 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 65 76 65 6e 74 43 61 6c 6c 62 61 63 6b 29 20 21 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 26 26 20 28 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 65 76 65 6e 74 43 61 6c 6c 62 61 63 6b 20 21 3d 20 6e 75 6c 6c 29 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 65 76 65 6e 74 43 61 6c 6c 62 61 63 6b 28 72 65 73 70 6f 6e 73 65 2e 73 75 62 73 74 72 69 6e 67 28 31 29 2c 20 63 61 6c 6c 62 61 63 6b 4f 62 6a 65 63 74 2e 63 6f 6e 74 65 78 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 69 66 20 28 72 65 73 70 6f 6e 73 65 2e 63 68 Data Ascii: == "s") { if ((typeof(callbackObject.eventCallback) != "undefined") && (callbackObject.eventCallback != null)) { callbackObject.eventCallback(response.substring(1), callbackObject.context); } } else if (response.ch
2024-10-03 18:58:13 UTC	7314	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 61 6c 6c 5b 74 61 72 67 65 74 5d 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 Data Ascii: defaultButton = document.all[target]; } if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.16	49721	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:13 UTC	383	OUT	GET /_layouts/15/images/microsoft-logo.png HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:14 UTC	736	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 3331 Content-Type: image/png Last-Modified: Mon, 30 Sep 2024 03:22:04 GMT Accept-Ranges: bytes ETag: "653f26ece712db1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,1051136,60,246,5441328,0,1051136,59 SPRequestDuration: 6 SPIisLatency: 8 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: D410679D280E4AE0A850EF07FD8B2DD0 Ref B: EWR311000102033 Ref C: 2024-10-03T18:58:13Z Date: Thu, 03 Oct 2024 18:58:14 GMT Connection: close
2024-10-03 18:58:14 UTC	3331	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 e2 00 00 00 30 08 06 00 00 00 0c e6 a6 f3 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 0c bd 49 44 41 54 78 01 ed 9c 3d 77 1b b9 15 86 47 b6 7a d3 bf c0 4c ca 34 66 4e d2 6b 5c 64 53 9a ee b3 c7 a3 5f 60 fa ab 8d a8 da 1f d2 fe 02 8f 72 d2 9b ee b2 95 c9 7e cf 46 aa dc 65 a9 5f b0 52 5a 7f 30 cf 4b 03 5c 0c 06 43 42 12 87 de 8d 31 e7 8c 81 7b 71 71 2f e6 05 5e 7c 0c 47 de fa 6f ff f7 b3 ac 85 0b a7 3f de 18 fd e7 4f 72 fd f7 ef b3 1f b6 b6 b2 79 7e dd a1 f6 ff 92 5d cb b6 b2 56 9e 61 dd 6d 4d fe 12 02 4d 08 5c 6b 2a 48 fa 84 40 42 60 73 08 24 22 6e 0e eb 14 29 21 d0 88 40 22 62 23 34 a9 20 21 b0 39 04 12 11 37 87 75 8a 94 10 68 44 20 11 b1 11 9a 54 90 10 d8 1c 02 89 88 9b c3 3a 45 4a 08 34 22 b0 dd Data Ascii: PNGIHDR0sRGBIDATx=wGzL4fNk\dS_`r~Fe_RZ0K\CB1{qq/^\|Go?Ory~]VamMM\k*H@B`s$"n)!@"b#4 !97uhD T:EJ4"

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.16	49722	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:14 UTC	558	OUT	GET /ScriptResource.axd?d=i1-jn0fYCre21w0-eJYxV9dL3mpCUB5YM_qn_70zNb4Ro7pNPGe92v7J8TTVJ5bMoPVLoAtFLg6reT2SteKxyl5t1mOqcKO1Ed0w5Zs5rGE33IykJT8wD71j-uwSfSghFOiIhRFl5fHZa5NePaiJA4qrBPnn6zuujk7s8z061Vo1&t=ffffffffedc3492c HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:14 UTC	767	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 26951 Content-Type: application/x-javascript; charset=utf-8 Expires: Fri, 03 Oct 2025 16:19:38 GMT Last-Modified: Thu, 03 Oct 2024 16:19:38 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,366,0,26712,43 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: ED85FAC123834007A5D90316FDBFB860 Ref B: EWR311000104037 Ref C: 2024-10-03T18:58:14Z Date: Thu, 03 Oct 2024 18:58:13 GMT Connection: close
2024-10-03 18:58:14 UTC	4031	IN	Data Raw: 76 61 72 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 56 65 72 20 3d 20 22 31 32 35 22 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 73 56 61 6c 69 64 20 3d 20 74 72 75 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 42 6c 6f 63 6b 53 75 62 6d 69 74 20 3d 20 66 61 6c 73 65 3b 0d 0a 76 61 72 20 50 61 67 65 5f 49 6e 76 61 6c 69 64 43 6f 6e 74 72 6f 6c 54 6f 42 65 46 6f 63 75 73 65 64 20 3d 20 6e 75 6c 6c 3b 0d 0a 76 61 72 20 50 61 67 65 5f 54 65 78 74 54 79 70 65 73 20 3d 20 2f 5e 28 74 65 78 74 7c 70 61 73 73 77 6f 72 64 7c 66 69 6c 65 7c 73 65 61 72 63 68 7c 74 65 6c 7c 75 72 6c 7c 65 6d 61 69 6c 7c 6e 75 6d 62 65 72 7c 72 61 6e 67 65 7c 63 6f 6c 6f 72 7c 64 61 74 65 74 69 6d 65 7c 64 61 74 65 7c 6d 6f 6e 74 68 7c 77 65 65 6b 7c 74 69 6d 65 7c 64 61 74 65 74 69 6d 65 Data Ascii: var Page_ValidationVer = "125";var Page_IsValid = true;var Page_BlockSubmit = false;var Page_InvalidControlToBeFocused = null;var Page_TextTypes = /^(text\|password\|file\|search\|tel\|url\|email\|number\|range\|color\|datetime\|date\|month\|week\|time\|datetime
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 75 6c 6c 3b 0d 0a 20 20 20 20 69 66 20 28 74 79 70 65 6f 66 28 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 76 61 72 20 69 3b 0d 0a 20 20 20 20 66 6f 72 20 28 69 20 3d 20 30 3b 20 69 20 3c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 2e 6c 65 6e 67 74 68 3b 20 69 2b 2b 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 56 61 6c 69 64 61 74 6f 72 56 61 6c 69 64 61 74 65 28 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 5b 69 5d 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 6e 75 6c 6c 29 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 56 61 6c 69 64 61 74 6f 72 55 70 64 61 74 65 49 73 56 61 6c 69 64 28 Data Ascii: ull; if (typeof(Page_Validators) == "undefined") { return true; } var i; for (i = 0; i < Page_Validators.length; i++) { ValidatorValidate(Page_Validators[i], validationGroup, null); } ValidatorUpdateIsValid(
2024-10-03 18:58:14 UTC	3516	IN	Data Raw: 65 20 69 66 20 28 64 61 74 61 54 79 70 65 20 3d 3d 20 22 43 75 72 72 65 6e 63 79 22 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 68 61 73 44 69 67 69 74 73 20 3d 20 28 76 61 6c 2e 64 69 67 69 74 73 20 3e 20 30 29 3b 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 62 65 67 69 6e 47 72 6f 75 70 53 69 7a 65 2c 20 73 75 62 73 65 71 75 65 6e 74 47 72 6f 75 70 53 69 7a 65 3b 0d 0a 20 20 20 20 20 20 20 20 76 61 72 20 67 72 6f 75 70 53 69 7a 65 4e 75 6d 20 3d 20 70 61 72 73 65 49 6e 74 28 76 61 6c 2e 67 72 6f 75 70 73 69 7a 65 2c 20 31 30 29 3b 0d 0a 20 20 20 20 20 20 20 20 69 66 20 28 21 69 73 4e 61 4e 28 67 72 6f 75 70 53 69 7a 65 4e 75 6d 29 20 26 26 20 67 72 6f 75 70 53 69 7a 65 4e 75 6d 20 3e 20 30 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 65 67 Data Ascii: e if (dataType == "Currency") { var hasDigits = (val.digits > 0); var beginGroupSize, subsequentGroupSize; var groupSizeNum = parseInt(val.groupsize, 10); if (!isNaN(groupSizeNum) && groupSizeNum > 0) { beg
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 2e 63 6f 6e 74 72 6f 6c 74 6f 76 61 6c 69 64 61 74 65 29 3b 0d 0a 20 20 20 20 69 66 20 28 56 61 6c 69 64 61 74 6f 72 54 72 69 6d 28 76 61 6c 75 65 29 2e 6c 65 6e 67 74 68 20 3d 3d 20 30 29 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 20 20 20 20 76 61 72 20 63 6f 6d 70 61 72 65 54 6f 20 3d 20 22 22 3b 0d 0a 20 20 20 20 69 66 20 28 28 74 79 70 65 6f 66 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 20 21 3d 20 22 73 74 72 69 6e 67 22 29 20 7c 7c 0d 0a 20 20 20 20 20 20 20 20 28 74 79 70 65 6f 66 28 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 76 61 6c 2e 63 6f 6e 74 72 6f 6c 74 6f 63 6f 6d 70 61 72 65 29 29 20 3d 3d 20 22 75 6e 64 65 66 69 6e 65 64 22 29 20 7c 7c 0d 0a 20 20 20 20 20 Data Ascii: .controltovalidate); if (ValidatorTrim(value).length == 0) return true; var compareTo = ""; if ((typeof(val.controltocompare) != "string") \|\| (typeof(document.getElementById(val.controltocompare)) == "undefined") \|\|
2024-10-03 18:58:14 UTC	3020	IN	Data Raw: 20 20 20 20 20 20 20 20 76 61 72 20 6c 65 6e 67 74 68 20 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 6f 72 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 6c 65 6e 67 74 68 20 2b 3d 20 70 61 72 73 65 53 70 65 63 69 66 69 63 41 74 74 72 69 62 75 74 65 28 73 65 6c 65 63 74 6f 72 2c 20 64 61 74 61 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 79 41 74 74 72 69 62 75 74 65 2c 20 50 61 67 65 5f 56 61 6c 69 64 61 74 69 6f 6e 53 75 6d 6d 61 72 69 65 73 29 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 6c 65 6e 67 74 68 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 20 20 20 Data Ascii: var length = parseSpecificAttribute(selector, dataValidationAttribute, Page_Validators); length += parseSpecificAttribute(selector, dataValidationSummaryAttribute, Page_ValidationSummaries); return length; }

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.16	49723	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:14 UTC	571	OUT	GET /ScriptResource.axd?d=8jMBPwzCJimnOVs7u_PCEtqHHK5YJE1izSBKQXgq0N-ynz3hOttN4eeaUAeSykQph47rTDEjerEtYWHA57cT5KHwGGM6fqcp-Pvzmr7Naa7dfKceZbmRXVaBYNLI0Tg7D2K8YRwy_4TpnFsYQecwvZiEp54qCAMHuenwWD_iWiXK7ibFJS1r8r6MQ5RkgjXG0&t=7a0cc936 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:14 UTC	767	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 40326 Content-Type: application/x-javascript; charset=utf-8 Expires: Fri, 03 Oct 2025 14:39:03 GMT Last-Modified: Thu, 03 Oct 2024 14:39:03 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,824,0,26712,41 X-AspNet-Version: 4.0.30319 SPRequestDuration: 3 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 0D9FDF94E784487DAE862FEBE9EA07FA Ref B: EWR311000108053 Ref C: 2024-10-03T18:58:14Z Date: Thu, 03 Oct 2024 18:58:14 GMT Connection: close
2024-10-03 18:58:14 UTC	926	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 42 65 67 69 6e 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 22 2c 53 79 73 2e 45 76 65 6e 74 41 72 67 73 29 3b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 45 6e 64 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 3d 66 75 6e 63 74 69 6f 6e 28 63 2c 61 2c 62 29 7b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 45 6e 64 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 2e 69 6e 69 74 69 61 6c 69 7a 65 42 61 73 65 28 74 68 69 73 29 3b 74 68 69 73 2e 5f 65 72 72 6f 72 48 61 6e 64 6c 65 64 3d 66 61 6c 73 65 3b 74 68 69 73 2e 5f 65 72 72 6f 72 3d 63 3b 74 68 69 73 2e 5f 64 61 74 61 49 74 65 6d 73 3d 61 7c 7c 7b 7d 3b 74 68 69 73 2e 5f 72 65 73 70 6f 6e 73 65 3d 62 7d 3b 53 79 73 2e 57 65 62 46 6f 72 6d 73 2e 45 6e 64 52 65 71 75 65 73 74 45 76 65 6e 74 41 72 67 73 2e 70 72 Data Ascii: BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=function(c,a,b){Sys.WebForms.EndRequestEventArgs.initializeBase(this);this._errorHandled=false;this._error=c;this._dataItems=a\|\|{};this._response=b};Sys.WebForms.EndRequestEventArgs.pr
2024-10-03 18:58:14 UTC	6621	IN	Data Raw: 61 64 64 5f 69 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 61 64 64 48 61 6e 64 6c 65 72 28 22 69 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 22 2c 61 29 7d 2c 72 65 6d 6f 76 65 5f 69 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 72 65 6d 6f 76 65 48 61 6e 64 6c 65 72 28 22 69 6e 69 74 69 61 6c 69 7a 65 52 65 71 75 65 73 74 22 2c 61 29 7d 2c 61 64 64 5f 70 61 67 65 4c 6f 61 64 65 64 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 Data Ascii: add_initializeRequest:function(a){this._get_eventHandlerList().addHandler("initializeRequest",a)},remove_initializeRequest:function(a){this._get_eventHandlerList().removeHandler("initializeRequest",a)},add_pageLoaded:function(a){this._get_eventHandlerList
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 64 61 74 65 28 61 2e 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 29 3b 69 66 28 64 29 7b 69 66 28 74 79 70 65 6f 66 20 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 21 3d 6e 75 6c 6c 26 26 61 2e 61 63 74 69 6f 6e 55 72 6c 2e 6c 65 6e 67 74 68 3e 30 29 74 68 65 46 6f 72 6d 2e 61 63 74 69 6f 6e 3d 61 2e 61 63 74 69 6f 6e 55 72 6c 3b 69 66 28 61 2e 74 72 61 63 6b 46 6f 63 75 73 29 7b 76 61 72 20 63 3d 74 68 65 46 6f 72 6d 2e 65 6c 65 6d 65 6e 74 73 5b 22 5f 5f 4c 41 53 54 46 4f 43 55 53 22 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 63 21 3d 6e 75 6c 6c 29 69 66 28 74 79 70 65 6f 66 20 64 6f 63 75 6d 65 6e 74 2e 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d Data Ascii: date(a.validationGroup);if(d){if(typeof a.actionUrl!="undefined"&&a.actionUrl!=null&&a.actionUrl.length>0)theForm.action=a.actionUrl;if(a.trackFocus){var c=theForm.elements["__LASTFOCUS"];if(typeof c!="undefined"&&c!=null)if(typeof document.activeElement=
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 7b 62 2e 61 70 70 65 6e 64 28 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 29 3b 74 68 69 73 2e 5f 61 64 64 69 74 69 6f 6e 61 6c 49 6e 70 75 74 3d 6e 75 6c 6c 7d 76 61 72 20 63 3d 6e 65 77 20 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2c 61 3d 77 2e 61 63 74 69 6f 6e 3b 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 49 6e 74 65 72 6e 65 74 45 78 70 6c 6f 72 65 72 29 7b 76 61 72 20 72 3d 61 2e 69 6e 64 65 78 4f 66 28 22 23 22 29 3b 69 66 28 72 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 30 2c 72 29 3b 76 61 72 20 6f 3d 22 22 2c 76 3d 22 22 2c 6d 3d 61 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 3b 69 66 28 6d 21 3d 3d 2d 31 Data Ascii: dditionalInput){b.append(this._additionalInput);this._additionalInput=null}var c=new Sys.Net.WebRequest,a=w.action;if(Sys.Browser.agent===Sys.Browser.InternetExplorer){var r=a.indexOf("#");if(r!==-1)a=a.substr(0,r);var o="",v="",m=a.indexOf("?");if(m!==-1
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 73 65 73 5b 61 5d 2c 62 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 62 29 7b 69 66 28 62 2e 65 78 65 63 75 74 6f 72 2e 67 65 74 5f 77 65 62 52 65 71 75 65 73 74 28 29 21 3d 3d 74 68 69 73 2e 5f 72 65 71 75 65 73 74 29 72 65 74 75 72 6e 3b 74 68 69 73 2e 5f 63 6f 6d 6d 69 74 43 6f 6e 74 72 6f 6c 73 28 62 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 2c 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 3f 62 2e 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 4e 6f 64 65 2e 63 6f 6e 74 65 6e 74 3a 6e 75 6c 6c 29 3b 69 66 28 62 2e 66 6f 72 6d 41 63 74 69 6f 6e 4e 6f 64 65 29 74 68 69 73 2e 5f 66 6f 72 6d 2e 61 63 74 69 6f 6e 3d 62 2e 66 Data Ascii: ses[a],b)},_scriptIncludesLoadComplete:function(e,b){if(b.executor.get_webRequest()!==this._request)return;this._commitControls(b.updatePanelData,b.asyncPostBackTimeoutNode?b.asyncPostBackTimeoutNode.content:null);if(b.formActionNode)this._form.action=b.f
2024-10-03 18:58:14 UTC	11	IN	Data Raw: 61 6e 20 6f 6e 63 65 2e 22 7d 3b Data Ascii: an once."};

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.16	49724	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:14 UTC	571	OUT	GET /ScriptResource.axd?d=316q7TOCatO3Ingg_2toqHYgSztx0kmzxudaxTXeVxsDvdWPW2qKKfmmtTdjs2iKQnJaH-dVFlchcLUOhXPwmHjLnK_GH0ffEcENjUBVh2KHipw8vrRTA_8i3ehkxBzmxOw9znwxubvbpOd-V87wK26zPVBt5BRmiSbeGCtXwiQgyOdha9awNWx5GJc-3fb80&t=7a0cc936 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:14 UTC	768	IN	HTTP/1.1 200 OK Cache-Control: public Content-Length: 102801 Content-Type: application/x-javascript; charset=utf-8 Expires: Fri, 03 Oct 2025 14:14:06 GMT Last-Modified: Thu, 03 Oct 2024 14:14:06 GMT P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,262656,0,0,296,0,26712,37 X-AspNet-Version: 4.0.30319 SPRequestDuration: 4 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 80DE29B994D1428C9FFD2E8E2516C1C6 Ref B: EWR311000104029 Ref C: 2024-10-03T18:58:14Z Date: Thu, 03 Oct 2024 18:58:13 GMT Connection: close
2024-10-03 18:58:14 UTC	4006	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 29 2c 62 2e 67 65 74 4e 61 6d 65 28 29 29 3b 65 6c 73 65 20 61 2b 3d 53 79 73 2e 52 65 73 2e 61 72 67 75 6d 65 6e 74 54 79 70 65 3b 69 66 28 64 29 61 2b 3d 22 5c 6e 22 2b 53 74 72 69 6e 67 2e 66 6f 72 6d 61 74 28 53 79 73 2e 52 65 73 2e 70 61 72 61 6d 4e 61 6d 65 2c 64 29 3b 76 61 72 20 66 3d 45 72 72 6f 72 2e 63 72 65 61 74 65 28 61 2c 7b 6e 61 6d 65 3a 22 53 79 73 2e 41 72 67 75 6d 65 6e 74 54 79 70 65 45 78 63 65 70 74 69 6f 6e 22 2c 70 61 72 61 6d 4e 61 6d 65 3a 64 2c 61 63 74 75 61 6c 54 79 70 65 3a 63 2c 65 78 70 65 63 74 65 64 54 79 70 65 3a 62 7d 29 3b 66 2e 70 6f 70 53 74 61 63 6b 46 72 61 6d 65 28 29 3b 72 65 74 75 72 6e 20 66 7d 3b 45 72 72 6f 72 2e 61 72 67 75 6d 65 6e 74 55 6e 64 65 66 69 6e 65 64 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 63 29 7b Data Ascii: ),b.getName());else a+=Sys.Res.argumentType;if(d)a+="\n"+String.format(Sys.Res.paramName,d);var f=Error.create(a,{name:"Sys.ArgumentTypeException",paramName:d,actualType:c,expectedType:b});f.popStackFrame();return f};Error.argumentUndefined=function(a,c){
2024-10-03 18:58:14 UTC	3540	IN	Data Raw: 3d 3d 31 29 72 65 74 75 72 6e 20 5b 61 5b 30 5d 5d 3b 65 6c 73 65 20 72 65 74 75 72 6e 20 41 72 72 61 79 2e 61 70 70 6c 79 28 6e 75 6c 6c 2c 61 29 7d 3b 41 72 72 61 79 2e 63 6f 6e 74 61 69 6e 73 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 53 79 73 2e 5f 69 6e 64 65 78 4f 66 28 61 2c 62 29 3e 3d 30 7d 3b 41 72 72 61 79 2e 64 65 71 75 65 75 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 2e 73 68 69 66 74 28 29 7d 3b 41 72 72 61 79 2e 66 6f 72 45 61 63 68 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 65 2c 64 29 7b 66 6f 72 28 76 61 72 20 61 3d 30 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 61 3c 66 3b 61 2b 2b 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 69 66 28 74 79 70 65 6f 66 20 63 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 65 2e 63 Data Ascii: ==1)return [a[0]];else return Array.apply(null,a)};Array.contains=function(a,b){return Sys._indexOf(a,b)>=0};Array.dequeue=function(a){return a.shift()};Array.forEach=function(b,e,d){for(var a=0,f=b.length;a<f;a++){var c=b[a];if(typeof c!=="undefined")e.c
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 74 41 72 67 73 29 3b 54 79 70 65 2e 72 65 67 69 73 74 65 72 4e 61 6d 65 73 70 61 63 65 28 22 53 79 73 2e 55 49 22 29 3b 53 79 73 2e 5f 44 65 62 75 67 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 3b 53 79 73 2e 5f 44 65 62 75 67 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29 77 69 6e 64 Data Ascii: tArgs);Type.registerNamespace("Sys.UI");Sys._Debug=function(){};Sys._Debug.prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)wind
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 2d 31 2c 5b 62 5d 2c 63 29 29 3b 72 65 74 75 72 6e 20 74 72 75 65 7d 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 65 6d 6f 76 65 41 74 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 69 66 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e Data Ascii: -1,[b],c));return true}return false};Sys.Observer.removeAt=function(b,a){if(a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Observer.
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 6e 67 28 29 7d 66 75 6e 63 74 69 6f 6e 20 76 28 61 29 7b 69 66 28 61 3c 31 30 29 72 65 74 75 72 6e 20 22 30 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 29 72 65 74 75 72 6e 20 22 30 30 22 2b 61 3b 65 6c 73 65 20 69 66 28 61 3c 31 30 30 30 29 72 65 74 75 72 6e 20 22 30 22 2b 61 3b 72 65 74 75 72 6e 20 61 2e 74 6f 53 74 72 69 6e 67 28 29 7d 76 61 72 20 68 2c 70 2c 74 3d 2f 28 5b 5e 64 5d 7c 5e 29 28 64 7c 64 64 29 28 5b 5e 64 5d 7c 24 29 2f 67 3b 66 75 6e 63 74 69 6f 6e 20 73 28 29 7b 69 66 28 68 7c 7c 70 29 72 65 74 75 72 6e 20 68 3b 68 3d 74 2e 74 65 73 74 28 65 29 3b 70 3d 74 72 75 65 3b 72 65 74 75 72 6e 20 68 7d 76 61 72 20 71 3d 30 2c 6f 3d 44 61 74 65 2e 5f 67 65 74 54 6f 6b 65 6e 52 65 67 45 78 70 28 29 2c 66 3b 69 66 28 21 6b 26 26 6e Data Ascii: ng()}function v(a){if(a<10)return "000"+a;else if(a<100)return "00"+a;else if(a<1000)return "0"+a;return a.toString()}var h,p,t=/([^d]\|^)(d\|dd)([^d]\|$)/g;function s(){if(h\|\|p)return h;h=t.test(e);p=true;return h}var q=0,o=Date._getTokenRegExp(),f;if(!k&&n
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 41 72 72 61 79 28 74 68 69 73 2e 64 61 74 65 54 69 6d 65 46 6f 72 6d 61 74 2e 41 62 62 72 65 76 69 61 74 65 64 44 61 79 4e 61 6d 65 73 29 3b 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69 6f 6e 28 61 Data Ascii: _upperAbbrDays=this._toUpperArray(this.dateTimeFormat.AbbreviatedDayNames);return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:function(a
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 29 69 66 28 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 4f 70 65 72 61 7c 7c 53 79 73 2e 42 72 6f 77 73 65 72 2e 61 67 65 6e 74 3d 3d 3d 53 79 73 2e 42 72 6f 77 73 65 72 2e 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e Data Ascii: )if(Sys.Browser.agent===Sys.Browser.Opera\|\|Sys.Browser.agent===Sys.Browser.FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serialization.
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 58 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 74 79 70 65 6f 66 20 61 2e 6f 66 66 73 65 74 59 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 29 7b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 Data Ascii: peof a.offsetX!=="undefined"&&typeof a.offsetY!=="undefined"){this.offsetX=a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElement._g
2024-10-03 18:58:14 UTC	8192	IN	Data Raw: 61 29 7b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 29 7b 76 61 72 20 62 3d 61 2e 63 75 72 72 65 6e 74 53 74 79 6c 65 7c 7c 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 43 75 72 72 65 6e 74 53 74 79 6c 65 28 61 29 3b 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 62 3f 62 2e 64 69 73 70 6c 61 79 3a 6e 75 6c 6c 3b 69 66 28 21 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 7c 7c 61 2e 5f 6f 6c 64 44 69 73 70 6c 61 79 4d 6f 64 65 3d 3d 3d 22 6e 6f 6e 65 22 29 73 77 69 74 63 68 28 61 2e 74 61 67 4e 61 6d 65 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7b 63 61 73 65 20 22 44 49 56 22 3a 63 61 73 65 20 22 50 22 3a 63 61 73 65 20 22 41 44 44 52 45 53 53 22 3a 63 61 73 65 20 22 42 4c 4f 43 4b 51 55 4f 54 45 22 Data Ascii: a){if(!a._oldDisplayMode){var b=a.currentStyle\|\|Sys.UI.DomElement._getCurrentStyle(a);a._oldDisplayMode=b?b.display:null;if(!a._oldDisplayMode\|\|a._oldDisplayMode==="none")switch(a.tagName.toUpperCase()){case "DIV":case "P":case "ADDRESS":case "BLOCKQUOTE"

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.16	49725	184.28.90.27	443

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:14 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-03 18:58:14 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=251294 Date: Thu, 03 Oct 2024 18:58:14 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-03 18:58:14 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
13	192.168.2.16	49729	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:14 UTC	728	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:14 UTC	737	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Tue, 24 Sep 2024 03:17:47 GMT Accept-Ranges: bytes ETag: "eeaa7a5430edb1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,8409600,0,550,1374168,0,2753734,60 SPRequestDuration: 6 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 34C2FEF1CAA249DAA45EA661C61BCCC5 Ref B: EWR311000104045 Ref C: 2024-10-03T18:58:14Z Date: Thu, 03 Oct 2024 18:58:14 GMT Connection: close
2024-10-03 18:58:14 UTC	3410	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770
2024-10-03 18:58:14 UTC	4476	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 bf 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 bf 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6c 03 40 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 ff 70 6c 03 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: plplplplplplplplplplplplplplplplplplpl@plplplplplplplplplplplplplplplplpl@

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
14	192.168.2.16	49731	13.107.136.10	443	6184	C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:15 UTC	383	OUT	GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1 Host: ppsd-my.sharepoint.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-03 18:58:15 UTC	737	IN	HTTP/1.1 200 OK Cache-Control: max-age=31536000 Content-Length: 7886 Content-Type: image/x-icon Last-Modified: Tue, 24 Sep 2024 03:17:47 GMT Accept-Ranges: bytes ETag: "eeaa7a5430edb1:0" P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,1051136,0,367,1084499,0,1004421,59 SPRequestDuration: 5 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.25311 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 164A7E74F0A4493B959A9BB06613FBE7 Ref B: EWR311000105025 Ref C: 2024-10-03T18:58:15Z Date: Thu, 03 Oct 2024 18:58:14 GMT Connection: close
2024-10-03 18:58:15 UTC	1570	IN	Data Raw: 00 00 01 00 03 00 20 20 00 00 01 00 20 00 a8 10 00 00 36 00 00 00 18 18 00 00 01 00 20 00 88 09 00 00 de 10 00 00 10 10 00 00 01 00 20 00 68 04 00 00 66 1a 00 00 28 00 00 00 20 00 00 00 40 00 00 00 01 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 c6 37 30 d0 c6 37 af d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 ff d0 c6 37 af d0 c6 37 30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 6 hf( @ 7077777770
2024-10-03 18:58:15 UTC	6316	IN	Data Raw: bb b2 31 ff d0 c6 37 ff d0 c6 37 ff b3 ab 25 ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a af 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff ff ff ff ff f8 f7 ef ff e1 e0 c0 ff e1 e0 c0 ff ff ff ff ff ff ff ff ff d2 d1 a1 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 78 72 1f ff bb b2 31 ff c1 b9 2e ff aa a3 1f ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff a1 9b 1a ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff b4 b2 62 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff bc b9 71 ff ff ff ff ff f8 f7 ef ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 87 83 03 ff 5d 59 0e Data Ascii: 177%xr1.bq]Y

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
15	192.168.2.16	49735	172.202.163.200	443

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:58:23 UTC	306	OUT	GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VgOf2reZfZYs9Ys&MD=LUZ9T9+t HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-03 18:58:23 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880" MS-CorrelationId: 3236617f-8f17-4910-b332-a5d0c27fb2c8 MS-RequestId: 3a67be65-d78b-4f0d-bbcc-23e32f7294af MS-CV: sy345SwsFkugvG8q.0 X-Microsoft-SLSClientCache: 2880 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 03 Oct 2024 18:58:23 GMT Connection: close Content-Length: 24490
2024-10-03 18:58:23 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58 Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
2024-10-03 18:58:23 UTC	8666	IN	Data Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31 Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
16	192.168.2.16	49736	4.245.163.56	443

Timestamp	Bytes transferred	Direction	Data
2024-10-03 18:59:01 UTC	306	OUT	GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=VgOf2reZfZYs9Ys&MD=LUZ9T9+t HTTP/1.1 Connection: Keep-Alive Accept: / User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33 Host: slscr.update.microsoft.com
2024-10-03 18:59:01 UTC	560	IN	HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Type: application/octet-stream Expires: -1 Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440" MS-CorrelationId: deef3cb9-5066-4b6f-b6b0-aad62e3bcae9 MS-RequestId: acfae783-247e-4206-9ab9-87fb18a9635c MS-CV: rWjSUUrw/kWZ4wF2.0 X-Microsoft-SLSClientCache: 1440 Content-Disposition: attachment; filename=environment.cab X-Content-Type-Options: nosniff Date: Thu, 03 Oct 2024 18:59:00 GMT Connection: close Content-Length: 30005
2024-10-03 18:59:01 UTC	15824	IN	Data Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK\|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
2024-10-03 18:59:01 UTC	14181	IN	Data Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

Behavior

Click to jump to process

System Behavior

Analysis Process: chrome.exePID: 6956, Parent PID: 2184

General

Target ID:	0
Start time:	14:58:08
Start date:	03/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 6184, Parent PID: 6956

General

Target ID:	1
Start time:	14:58:09
Start date:	03/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1848,i,10871524256218852607,2313697725685453947,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	false

Show Windows behavior

Chronological Activities

Analysis Process: chrome.exePID: 4720, Parent PID: 2184

General

Target ID:	2
Start time:	14:58:10
Start date:	03/10/2024
Path:	C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):	false
Commandline:	"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ppsd-my.sharepoint.com/:b:/g/personal/dpringle_putnampsd_com/EULMOoJlvG5MrUgPMpxPyhgBJudJKbs5hbuGHRWj94AXdA?e=4%3azTz09N&at=9"
Imagebase:	0x7ff7f9810000
File size:	3'242'272 bytes
MD5 hash:	45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Chronological Activities

Disassembly

⊘No disassembly