Windows Analysis Report
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

Overview

General Information

Sample URL:	https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74
Analysis ID:	1532896
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

AI detected landing page (webpage, office document or email)

Drops files with a non-matching file extension (content does not match file extension)

HTML page contains hidden javascript code

Queries the volume information (name, serial number etc) of a device

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

HTML page contains hidden javascript code

Source: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74

HTTP Parser: Base64 decoded: {"version":3,"sources":["webpack://./node_modules/react-loading-skeleton/dist/skeleton.css"],"names":[],"mappings":"AAAA;EACE;IACE,2BAA2B;EAC7B;AACF;;AAEA;EACE,qBAAqB;EACrB,0BAA0B;EAC1B,0BAA0B;EAC1B,6BAA6B;EAC7B,+BAA+B,EAAE,qBAAqB;;EAEtD,mCAAmC;;EAEnC,WAA...

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50145 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	HTTP traffic detected: GET /public/share/web-034ada86e7d04d74 HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/spinner.css HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.us-east-1.sdk.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
Source: global traffic	HTTP traffic detected: GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/css/spinner.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALBTGCORS=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALB=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp; AWSALBCORS=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; AWSALBTGCORS=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; AWSALB=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o; AWSALBCORS=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/af15e31c70fab7cfd55c.woff2 HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
Source: global traffic	HTTP traffic detected: GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/4506735163932672/envelope/?sentry_key=0be0069dd70d0ce2c63c650418f56fa6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1 HTTP/1.1Host: o49063.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=y3mFLykAQyD3C3PQ6WWnmMS4ECeIzsdOjjRLYcY+XacKIzBjnMSKhC4UEWpWumbwN2mY7KyNfKxnsnPm1ysF3o3xl8EOUkNXUBM/ZCSTbRK5zhf7WrS3wZ8n3Kcfx8k0qYnJnmbrKvWVUf1llzwsG1zwrCWEYa3vfCFeANqbd74S; AWSALBCORS=d807JVFt9An8+dxzpJiQx2DOFRrO6t7qkXxA64ty4Yf1xGqsBabgHmOW4ax8fToXqDHZ/SBj0E+j32eeRILGlpRCR8iX2l+TAFS9PAm5pcx0e76MkDZjuPvWYTPH
Source: global traffic	HTTP traffic detected: GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; AWSALBTGCORS=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; AWSALB=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; AWSALBCORS=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAqZEabPwUAAAA:ZSRVPJrcZOizJIqkhcDhKwQXl8IKzlc2rPkClyD+O64dkHPseD2P+Gv/qKyc1CeJebbrHwN5OMZPbR4TVrj99k3S7izSM5tCbUazp0BhWSeomiEOziSMlVFZPGprnRr5IaDW7s2QOqGrcB4oP2NT9WlqTfSux7yG0hPUD4V4CLTXLk9BrOBngKXkC1cmRpdmCX2mrPYcfERMJE2Nz1AWf9A=
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/verify HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vhByzrF1ExPNbY7&MD=wgvYytUz HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/50838dcfa76323d03647.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/c3b78c86faf44765071f.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/2df17ec2f6eaff4d4417.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/c3b78c86faf44765071f.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALBTGCORS=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALB=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a; AWSALBCORS=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a
Source: global traffic	HTTP traffic detected: GET /bundles/50838dcfa76323d03647.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALBTGCORS=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALB=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a; AWSALBCORS=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALBTGCORS=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALB=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0; AWSALBCORS=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0
Source: global traffic	HTTP traffic detected: GET /bundles/2df17ec2f6eaff4d4417.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALBTGCORS=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALB=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0; AWSALBCORS=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1216.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=bc4Qmi4y/J4laU0Lu5t5v14nFYP0a4S2FIELR6CItdqIyaW7X6aZ0GI8HrjQD5YIB7U6HNJ+54PIR4qDMiDGQFHy5Zi/9mtPr9le6HwcbFi1emcK9XllTSsWbCH5f6JaByhMHza+mP/kmOC1qxqg2S4h6DGM4nHZwC+Vf+9K1qxk; AWSALBTGCORS=bc4Qmi4y/J4laU0Lu5t5v14nFYP0a4S2FIELR6CItdqIyaW7X6aZ0GI8HrjQD5YIB7U6HNJ+54PIR4qDMiDGQFHy5Zi/9mtPr9le6HwcbFi1emcK9XllTSsWbCH5f6JaByhMHza+mP/kmOC1qxqg2S4h6DGM4nHZwC+Vf+9K1qxk; AWSALB=e2yUD+HARuBx5SyTmNE2Npk/Jq4Aa13j2TWKxwYpYrSPQJlcbhSgnsgaNNKjAKMAuEMLiw5Ef2Q8wCAN5BsUE5D4B/WL/OKDbJDSu05ISYjKrX20peRBi6CCC2WX; AWSALBCORS=e2yUD+HARuBx5SyTmNE2Npk/Jq4Aa13j2TWKxwYpYrSPQJlcbhSgnsgaNNKjAKMAuEMLiw5Ef2Q8wCAN5BsUE5D4B/WL/OKDbJDSu05ISYjKrX20peRBi6CCC2WX
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: CHm_ZIiEBDXTEJ3pvz0RwAsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=orcK3ZOBiSZ74t+hikuMlxbxJhZT0NPvPPUvRnyW11tDqXORUDl7nzTgA5S9dBomPuE2jTGhMppdPZQ5sAjUrqpz/UdalZMdoVoDvTS7shlxqUZFOHKA2l+5MA3W6fanLMmt28ElhEiGyK3m017qxz1OHfIcihq4efw16HDRWN2W; AWSALBCORS=Sn7Ns0dBdHVUSa16v9WXnqjM+SgPQudF5hAgoiuck8BTXz8pq4Jy0q3isuRE/5cv2aj6tK3IM2RV469UW7tsiUZ4Lv3JjQCSeFtFJpNZ3VdF+l5EqxlDDpFJnlVF
Source: global traffic	HTTP traffic detected: GET /android-chrome-192x192.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=hPDRP3NPIwgVdL+kmaPN6saTqGF3xqUZRTo90HniLqyN/GGDmr5VNJY3a/djAysF/tAn6whF6MLpP89hsMNQNXGo0LprIwFSD97ff333q0zVhlNqTeBodUFjF1GU0BoxNgDB+zgMphh2f9wKpFeO/4THiBsHoRTF5BRo/q/vebxq; AWSALBTGCORS=hPDRP3NPIwgVdL+kmaPN6saTqGF3xqUZRTo90HniLqyN/GGDmr5VNJY3a/djAysF/tAn6whF6MLpP89hsMNQNXGo0LprIwFSD97ff333q0zVhlNqTeBodUFjF1GU0BoxNgDB+zgMphh2f9wKpFeO/4THiBsHoRTF5BRo/q/vebxq; AWSALB=+rk5tuNQNblm8+gPvD1woO1VPFCAwkvZBN9e5qgq3Bt3rLfunl3RmtDSARWW1G3BW6E+cvZ09o1KScAK1xpGgfkz8ehqAoe7rc19TMtFv6Rqzj50HkUA/NzfWw9k; AWSALBCORS=+rk5tuNQNblm8+gPvD1woO1VPFCAwkvZBN9e5qgq3Bt3rLfunl3RmtDSARWW1G3BW6E+cvZ09o1KScAK1xpGgfkz8ehqAoe7rc19TMtFv6Rqzj50HkUA/NzfWw9k
Source: global traffic	HTTP traffic detected: GET /nr-spa-1216.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=27893&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74&be=1536&fe=26689&dc=6629&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728877690576,%22n%22:0,%22f%22:4,%22dn%22:38,%22dne%22:44,%22c%22:44,%22s%22:45,%22ce%22:1007,%22rq%22:1008,%22rp%22:1444,%22rpe%22:1620,%22dl%22:1452,%22di%22:6504,%22ds%22:6628,%22de%22:6629,%22dc%22:26687,%22l%22:26687,%22le%22:26699%7D,%22navigation%22:%7B%7D%7D&fp=2168&fcp=2575&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/3aa33bb6fffd83a61c47.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=12&jzb=eJyNj09r6zAQxL_LnhNL_hcnvhVSQiG0hb70UorZWGtHIEtGllNMyXfPOoeUXh69rVazM_P7hrMedHD-SUEJ1evj8_al-lftd4k57Nvd1E6wAKxrN9pwk2CDapVk8TJFVS_zo8qXeZbyVOS4WTebIttIPhm9YfEphH4ohQguoKnRBvLH0U8yGk7oqdGGotp14vYSZ01fQqYZKlyvqFAyU0XGVs6o95-OdjRmAR0FlgWE8g4wj_o_EAZtO2JLrCBbHd7gcgebT7Hvt65Dbfn_Vzs-vdn-EbwhDKOnAcoPcOkq5xXZ2k99IEXsb-CTg3sOsOHhHs8rxpm7xamIpUhkMqOfyQ_azZWSKMllFFe9dwoulytG34tQ&v=2.250.1_prod&ct=1728877719178 HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1728877719179&v=2.250.1_prod HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=orcK3ZOBiSZ74t+hikuMlxbxJhZT0NPvPPUvRnyW11tDqXORUDl7nzTgA5S9dBomPuE2jTGhMppdPZQ5sAjUrqpz/UdalZMdoVoDvTS7shlxqUZFOHKA2l+5MA3W6fanLMmt28ElhEiGyK3m017qxz1OHfIcihq4efw16HDRWN2W; AWSALB=Sn7Ns0dBdHVUSa16v9WXnqjM+SgPQudF5hAgoiuck8BTXz8pq4Jy0q3isuRE/5cv2aj6tK3IM2RV469UW7tsiUZ4Lv3JjQCSeFtFJpNZ3VdF+l5EqxlDDpFJnlVF; AWSALBTGCORS=XPqYdQgAnEP+bRsfGVSfp6wB+V+VNDUj0XBSrZx5XcvmqtVdxBg0dJ3uNfwWy2Jlv/cnlMYWXQAEILBBfXc5z/zyEoGuQq76yYsyM012Kx7nxKwIv7QsNnTIjIBO6IL7C7Df6odW2HcOhk8b1y9rjfIOg6PaWadmgExWeREthN5O; AWSALBCORS=gpnWU12z77cssPEdjRhwSlX3fGeycStZlYmdJan2san4NOh9Zou7O4Axq/oKdr6UeVqe+xnoQrIb34rMXno+cMUMDUHiRqedfqP3iDUtsQp5/VrJ6XY3lM2xPsMO
Source: global traffic	HTTP traffic detected: GET /android-chrome-192x192.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /bundles/b79627b64df3ab63890d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/1c992ae0c14e95098d9a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/b69d9728d2dbe0747c8a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/4229061ac836f0f16eea.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/5be3ba1b444ac539eaf5.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=27893&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74&be=1536&fe=26689&dc=6629&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728877690576,%22n%22:0,%22f%22:4,%22dn%22:38,%22dne%22:44,%22c%22:44,%22s%22:45,%22ce%22:1007,%22rq%22:1008,%22rp%22:1444,%22rpe%22:1620,%22dl%22:1452,%22di%22:6504,%22ds%22:6628,%22de%22:6629,%22dc%22:26687,%22l%22:26687,%22le%22:26699%7D,%22navigation%22:%7B%7D%7D&fp=2168&fcp=2575&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=43964618b2e2cdd7
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1728877719179&v=2.250.1_prod HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/3aa33bb6fffd83a61c47.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=gTJCK7oYnnMJjoE/yHX7KjFVR28suN+eCYHrqwL1XQ1ptqKR2FwIEu5SeAXviL1qxozerliipF19IBzpxDn0ZVxrY8rriog7y5SOuOQ2W/0sRxFo1vCUaCbMQnQQj/qV9X8Pa4/9QN6zjSMA2XVpczm0KQmQ/1qF8XGxLRrbScM4; AWSALBTGCORS=gTJCK7oYnnMJjoE/yHX7KjFVR28suN+eCYHrqwL1XQ1ptqKR2FwIEu5SeAXviL1qxozerliipF19IBzpxDn0ZVxrY8rriog7y5SOuOQ2W/0sRxFo1vCUaCbMQnQQj/qV9X8Pa4/9QN6zjSMA2XVpczm0KQmQ/1qF8XGxLRrbScM4; AWSALB=SaCD9bXk8Choz/3qpR1GM9mcMHu1228BdT+Aa756/VUN4h+vNkNfoWnDVFUElVM4khPU9kMDzPQYquQs0lhx7r2UmM2IRfeGl4ty9xMcSIL8pmAJlToQCuIamzYA; AWSALBCORS=SaCD9bXk8Choz/3qpR1GM9mcMHu1228BdT+Aa756/VUN4h+vNkNfoWnDVFUElVM4khPU9kMDzPQYquQs0lhx7r2UmM2IRfeGl4ty9xMcSIL8pmAJlToQCuIamzYA
Source: global traffic	HTTP traffic detected: GET /bundles/b79627b64df3ab63890d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=8p7loPz8TDNMKcmU/f0V4DOUNvOjq9TR524ybcRjmVUDX6yOk6Oo0hQsQEXRX5acFmowhDR1NgLquwSdSHgsuiY78rhd31Enzvd3uSA+KFMkbgBw5+BP3N97EhzUh+oCCzQGYtxHaJz179hqSLoIJ0FA/AtCTm31aqH0s4AQ4fDc; AWSALBTGCORS=8p7loPz8TDNMKcmU/f0V4DOUNvOjq9TR524ybcRjmVUDX6yOk6Oo0hQsQEXRX5acFmowhDR1NgLquwSdSHgsuiY78rhd31Enzvd3uSA+KFMkbgBw5+BP3N97EhzUh+oCCzQGYtxHaJz179hqSLoIJ0FA/AtCTm31aqH0s4AQ4fDc; AWSALB=G8FCHNNSPiOZ9yQqNipoBxrsfuPehUAzJf+nefqMF0bX/PD28cre+/cP/0UYSNApSAtsxN1/P8GEgYiFkOJ99AtI7C9+dvrugtKiRFMxXqaOhbiAiPlGvfWqmB53; AWSALBCORS=G8FCHNNSPiOZ9yQqNipoBxrsfuPehUAzJf+nefqMF0bX/PD28cre+/cP/0UYSNApSAtsxN1/P8GEgYiFkOJ99AtI7C9+dvrugtKiRFMxXqaOhbiAiPlGvfWqmB53
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.250.1_prod&ct=1728877719176&jzb=eJzVUt1v2jAQ_1_8DMRxPuGNrRObQNtQafdQVdERO8GaEwfHAUUV_3vPhUXtC9qkTVPzFPt8d7-vhydi-0aQGZFc1FYWPRmRrdHHVpjMygorfsLSNEkSf-pHyYgcZCutNpnk2JR9__T15lu2yVYLpu5W5aIv3QDIc93V9vwGCuAxC_1xADwfR1sejaMwwL8kgmlaTJNwSrGnMwof76xt2pnnWW1B5VBbYbad6emk3YERhVRikuvKezl5BymOHg1C4JDGIuE05EmIoxqjm5bMnohWPPsdvO7da8x1p9S_YnpCfAi-thvYfhl22fOBxD0rb42cL5e7al7el7iiMFCJl-ICPv_8mJb5ar9bLo_3cyy2Yt-JOkebKPrWW4G8w2h6Gg2-VsLCNU9jbHxPnl6wut9rcBXUZQelU0DU2d2t0_1CwbVC09zoCmSN9TcwsPVPGBYCbGec6g9EB3GEV2iH6RsruMD5ijwOhs-H9XjFwTpsfuD51GOUOY4HYVqpHSQ2YRGd-Bmy5n89Ma1bci7_0Dzcr9ebbk2l7D68CZQ_BCpK6atAKQ38aqDY-wqU43NhweI4ZZOE_vr8_yQ9KniRPojj0-MzPInJfA HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=12&jzb=eJyNj09r6zAQxL_LnhNL_hcnvhVSQiG0hb70UorZWGtHIEtGllNMyXfPOoeUXh69rVazM_P7hrMedHD-SUEJ1evj8_al-lftd4k57Nvd1E6wAKxrN9pwk2CDapVk8TJFVS_zo8qXeZbyVOS4WTebIttIPhm9YfEphH4ohQguoKnRBvLH0U8yGk7oqdGGotp14vYSZ01fQqYZKlyvqFAyU0XGVs6o95-OdjRmAR0FlgWE8g4wj_o_EAZtO2JLrCBbHd7gcgebT7Hvt65Dbfn_Vzs-vdn-EbwhDKOnAcoPcOkq5xXZ2k99IEXsb-CTg3sOsOHhHs8rxpm7xamIpUhkMqOfyQ_azZWSKMllFFe9dwoulytG34tQ&v=2.250.1_prod&ct=1728877719178 HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide.-323232.1622565221517.css HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/b69d9728d2dbe0747c8a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/5be3ba1b444ac539eaf5.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /io/public/Shares(034ada86e7d04d74)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount%2CItems%2FZone&includeExpired=false HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"tracestate: 3347059@nr=0-1-294030-30142649-9f48823f905290ea----1728877720234traceparent: 00-abada73e58dde84a0e0bff1b72381ee7-9f48823f905290ea-01Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5NDAzMCIsImFwIjoiMzAxNDI2NDkiLCJpZCI6IjlmNDg4MjNmOTA1MjkwZWEiLCJ0ciI6ImFiYWRhNzNlNThkZGU4NGEwZTBiZmYxYjcyMzgxZWU3IiwidGkiOjE3Mjg4Nzc3MjAyMzQsInRrIjoiMzM0NzA1OSJ9fQ==X-BFF-CSRF: trueAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brCookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/1c992ae0c14e95098d9a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/4229061ac836f0f16eea.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.250.1_prod&ct=1728877719176&jzb=eJzVUt1v2jAQ_1_8DMRxPuGNrRObQNtQafdQVdERO8GaEwfHAUUV_3vPhUXtC9qkTVPzFPt8d7-vhydi-0aQGZFc1FYWPRmRrdHHVpjMygorfsLSNEkSf-pHyYgcZCutNpnk2JR9__T15lu2yVYLpu5W5aIv3QDIc93V9vwGCuAxC_1xADwfR1sejaMwwL8kgmlaTJNwSrGnMwof76xt2pnnWW1B5VBbYbad6emk3YERhVRikuvKezl5BymOHg1C4JDGIuE05EmIoxqjm5bMnohWPPsdvO7da8x1p9S_YnpCfAi-thvYfhl22fOBxD0rb42cL5e7al7el7iiMFCJl-ICPv_8mJb5ar9bLo_3cyy2Yt-JOkebKPrWW4G8w2h6Gg2-VsLCNU9jbHxPnl6wut9rcBXUZQelU0DU2d2t0_1CwbVC09zoCmSN9TcwsPVPGBYCbGec6g9EB3GEV2iH6RsruMD5ijwOhs-H9XjFwTpsfuD51GOUOY4HYVqpHSQ2YRGd-Bmy5n89Ma1bci7_0Dzcr9ebbk2l7D68CZQ_BCpK6atAKQ38aqDY-wqU43NhweI4ZZOE_vr8_yQ9KniRPojj0-MzPInJfA HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /io/public/Shares(034ada86e7d04d74)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount%2CItems%2FZone&includeExpired=false HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ZyaxKVc9I8JVUS981o3PXbYzeo/jPNWWNEH3kLuBJDslgonkoGqnf/2Kbs0Z9uBQJz61zMb93nhJ8fnNsNDKHXDCjWk+UhDmTUNF8c8KAWLr7ZqORmMGQgj7GjirjHhxv4ZaxY1dfchWDV+2q98f1NRTkkjUTyUV1yGtZiCA51ZQrf3QZYIBr/pTC2RjUFslnEEj/69lfd1Zh47G0Ka5krLAVOypyYqtz1ulOOnaeM6OED/mff40sqFFYzJtiiMq; AWSALBTGCORS=ZyaxKVc9I8JVUS981o3PXbYzeo/jPNWWNEH3kLuBJDslgonkoGqnf/2Kbs0Z9uBQJz61zMb93nhJ8fnNsNDKHXDCjWk+UhDmTUNF8c8KAWLr7ZqORmMGQgj7GjirjHhxv4ZaxY1dfchWDV+2q98f1NRTkkjUTyUV1yGtZiCA51ZQrf3QZYIBr/pTC2RjUFslnEEj/69lfd1Zh47G0Ka5krLAVOypyYqtz1ulOOnaeM6OED/mff40sqFFYzJtiiMq; AWSALB=O5yaWddrSJnJxkdX9TTjqaC2bj5BFLHJCTCbKtQ4x6hsZ1IHD6aVHD2VOBbPw/0yW1FX1kHGfFwukacFhDGmwveNRmUSnNL8+aBwzUxREaUSrCmUMGk5UgJdFp5D; AWSALBCORS=O5yaWddrSJnJxkdX9TTjqaC2bj5BFLHJCTCbKtQ4x6hsZ1IHD6aVHD2VOBbPw/0yW1FX1kHGfFwukacFhDGmwveNRmUSnNL8+aBwzUxREaUSrCmUMGk5UgJdFp5D
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/af15e31c70fab7cfd55c.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/402b74053d26323596b3.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Items/ContentViewer HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=wxpgc9Xq4NpZcesrKHOSZrd10G3/dNWvLuFYZzxma/GDWsClSRMgguNkdMWD0KgTMX6v9++obBK3YczNPaCkaXzDN7i+Z+PLmxdG9GyX7qka5wQNNfsVCZDlD+fz3iQdx0pnLgwh7ipz2mGg5ksr4InWwbvUZRFblz5mTAOGMQJH; AWSALB=VbUHkpU+HbF7rgCQJi/iM5ZfufzmnmUtyhexcvLWFx88NhDIzJ2JzVOSvgla1kWov10ZOgsNQXM7Co9BqNAQuUbsXm2alZZO7ohHfGQMZD0jnZnlq+T1INFoUJOv; AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Capabilities HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: OfM6-qi4b5_CYiePGaGRAwsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(fi8c6938-d1a4-c0cd-2bbc-70c3a69e272f)?canCreateRootFolder=false&fileBox=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: BtmWnaPo6Nvh2DE1ECO2_Asec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)?%24expand=Items&includeExpired=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: aLoUM51piCvgJITr6OXtbQsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Capabilities HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=xfF3y4E6OkoP4TbrO5wkGsNDsr0kvxcSVkryuj48rqxQE+2ODLO1AH/jwaGaaDFXJd1AmsnEz3IR8uZamcQM6b+X0G3cubFpMcLTrWoJuaZxnwWh3/dcO82x5ZcBn9od8VlRGgNzcfAG2oX8DDqgtaNjalxiZed+TRFJluzNkOc9; AWSALBCORS=LMFgWjwuaLNJJXq6FRedbnPjPEF4jDxU1Wq9OxQ89dvLvOdvkki9YsAoOvVlczktsz2+m/eLnp1HZV0HHKFpe8wc0QXVHsaIUF6V83hQ8z9pnt/ZGuG7cFvzd/lR
Source: global traffic	HTTP traffic detected: GET /bundles/ba7dfd1a6326f1b75478.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; AWSALBTGCORS=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; AWSALB=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; AWSALBCORS=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)?%24expand=Items&includeExpired=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=Sig2JvwyrvjN/KJynvFFnvsDsYzCLRejIBrfq8LCq9/yeXxbC3+pvBwkkeYUyz6bWPjbfVYWE138SYKVUDQr4Bj0UHb+H18OZqdUQLlvKvRqbyX4A46gDPzmsUOuh9PTpg6bDo4Sd+o61yWqiQx/H9a+QQHaciAHu+GclXFoVCcL; AWSALBCORS=yn9glf5WVmugCu0df0ZESxCQrfoVXScbfwQLakhjmkdcMVUydEwUsCPTM7sjL6zuuuCC9dDQmOaBOrm67JJYg4Lg1QrnKUd+A8G19jTv6rM4woqSKX+zaOk2XKie
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(fi8c6938-d1a4-c0cd-2bbc-70c3a69e272f)?canCreateRootFolder=false&fileBox=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=Sig2JvwyrvjN/KJynvFFnvsDsYzCLRejIBrfq8LCq9/yeXxbC3+pvBwkkeYUyz6bWPjbfVYWE138SYKVUDQr4Bj0UHb+H18OZqdUQLlvKvRqbyX4A46gDPzmsUOuh9PTpg6bDo4Sd+o61yWqiQx/H9a+QQHaciAHu+GclXFoVCcL; AWSALBCORS=yn9glf5WVmugCu0df0ZESxCQrfoVXScbfwQLakhjmkdcMVUydEwUsCPTM7sjL6zuuuCC9dDQmOaBOrm67JJYg4Lg1QrnKUd+A8G19jTv6rM4woqSKX+zaOk2XKie
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/launchrequest HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/2efeefafc2bb68a97d33.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/ba7dfd1a6326f1b75478.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/b5bef5c91ec3b83469e0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/d178f6eceb0126b1e292.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/22a601d65471e8503ea9.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/2efeefafc2bb68a97d33.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=x16qaIInvx2BtSxEM4GX9dtD9ogmLHMhv6g4G6m1Prxk9PJkMmpfnIYGGJ8YPzGLHNR8Zwt54KOTF4dcw4P3g/T/95mrqFPmcNxDPvt1xeJqRMTkv1M2EZznMa+zlgbXYN9caabEKQ1lK8r9DX/mnrvBvTcaXlDqVeIiRSL2z8dHcNEitGlgvD6o2QqZOoOcrsWFokgV+MzxD49WDpknt2De6s4aNIil5iVbQtDVZIi/cxtSE27x0tmr8tdE6Hza; AWSALBTGCORS=x16qaIInvx2BtSxEM4GX9dtD9ogmLHMhv6g4G6m1Prxk9PJkMmpfnIYGGJ8YPzGLHNR8Zwt54KOTF4dcw4P3g/T/95mrqFPmcNxDPvt1xeJqRMTkv1M2EZznMa+zlgbXYN9caabEKQ1lK8r9DX/mnrvBvTcaXlDqVeIiRSL2z8dHcNEitGlgvD6o2QqZOoOcrsWFokgV+MzxD49WDpknt2De6s4aNIil5iVbQtDVZIi/cxtSE27x0tmr8tdE6Hza; AWSALB=LG7g5kC8FH89p4hEKIyVNIwVanCGbt8gZQHQlFgldNJzss+YLmfYPlDOgk67I8+AHveCkfP9V4msM3L3Gm/t2HR5k80NaonCPjA3tA4QbXRGPfFjZdXn4sfjdJQI; AWSALBCORS=LG7g5kC8FH89p4hEKIyVNIwVanCGbt8gZQHQlFgldNJzss+YLmfYPlDOgk67I8+AHveCkfP9V4msM3L3Gm/t2HR5k80NaonCPjA3tA4QbXRGPfFjZdXn4sfjdJQI
Source: global traffic	HTTP traffic detected: GET /bundles/22a601d65471e8503ea9.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /bundles/d178f6eceb0126b1e292.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /bundles/b5bef5c91ec3b83469e0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/d8fcf3851ba79b1d138a.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(st34081c-405f-4373-86dd-16fb3f758152)/ProtocolLinks(Web)?action=View HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: yJCC6CGTogsUIuqqaTVhRQsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; AWSALBCORS=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7
Source: global traffic	HTTP traffic detected: GET /bundles/2c61db7618456a4b4ea2.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/d5a7899d41651404accd.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/102a12cf4db82175eb4a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/5626aad50bfaf67fedc0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/2c61db7618456a4b4ea2.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=+A2fjqLjTOw86TLD8ElS6l+lerZDExnviPCzpv+eTq08xLmjKaWGAKF0Q7/Mg3h8MnmSPtUnGhCth7SjHVVUrK+HR11KVFuVQKSqppO1nNVPkjkZq9LE37zoFhBPRrfjm8RlqqYW3NMtLtIbWpYykIB/YwoPH94Zw3axSBSQSzGmqpklPrS1srnrtoeVnTh/AUvn6+92+WS1qdNkAtnyLay0PINaKB7FE9dN+8FQhv/gZhVFatKnlba4Pdz1y23l; AWSALBTGCORS=+A2fjqLjTOw86TLD8ElS6l+lerZDExnviPCzpv+eTq08xLmjKaWGAKF0Q7/Mg3h8MnmSPtUnGhCth7SjHVVUrK+HR11KVFuVQKSqppO1nNVPkjkZq9LE37zoFhBPRrfjm8RlqqYW3NMtLtIbWpYykIB/YwoPH94Zw3axSBSQSzGmqpklPrS1srnrtoeVnTh/AUvn6+92+WS1qdNkAtnyLay0PINaKB7FE9dN+8FQhv/gZhVFatKnlba4Pdz1y23l; AWSALB=QGk2uwYwfqmh/AjkwCC5vkqzkflxWoKoRx4vCl5Xl5SGEKbpxtO76jKV4icYA5AP+jLtwA/EBgwLqcGZcdfeOt5RnBNC7Ex4HTwYtyQwIvxlObquEbNLlJcmZV4t; AWSALBCORS=QGk2uwYwfqmh/AjkwCC5vkqzkflxWoKoRx4vCl5Xl5SGEKbpxtO76jKV4icYA5AP+jLtwA/EBgwLqcGZcdfeOt5RnBNC7Ex4HTwYtyQwIvxlObquEbNLlJcmZV4t
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(st34081c-405f-4373-86dd-16fb3f758152)/ProtocolLinks(Web)?action=View HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; AWSALB=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; AWSALBTGCORS=GjU2WKE7tsYadO8WlR65Mx8Kdy5ZjskqtT/EZUM6dIewFAbbexoYpcivGWfmDosfGBMA/dZj3a1ov8bsXpVQlrubt595y/QkLWwQwrJRVvwAiNmbnLiMmVGjG/rzP24TR2TzjQiJL5MEXGUT84/SY7qtgnxIb7xBKpEmPgzxnB1J; AWSALBCORS=f+mN1soxfbyDbskKBxrAz1MJtWyX1PygaX+BucGlsxF9hm06LdMbSpoXxxuaO/eLvjrI1XLIgh3dWeghW0GFB2AmZ1m9KdQEo4lS9BVhbbc+OpspQdtpfKfUStk6
Source: global traffic	HTTP traffic detected: GET /bundles/5626aad50bfaf67fedc0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALBTGCORS=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALB=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud; AWSALBCORS=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud
Source: global traffic	HTTP traffic detected: GET /events/1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=37896&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=43964618b2e2cdd7
Source: global traffic	HTTP traffic detected: GET /bundles/d5a7899d41651404accd.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALBTGCORS=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALB=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud; AWSALBCORS=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud
Source: global traffic	HTTP traffic detected: GET /bundles/102a12cf4db82175eb4a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=RTgXc3I0txfyFHWTpyUu6iR5y1qokCcuGaXkgpcytfyhgYIvBzlcs0wyN7JeZkjyf4t6NiKpr95T4KpPe5+CgE7YstMvmdY9xKjDp/EklgPQQu4XMRKV2oh98I0WYuMF8yJFc8UviLRumKA+MkNxVSqiC7q281GjZRhLY/URMbzhcWlA6MdcgL+G5uEsTb+evVFAkTH7duDkvTpaytxYBRJVuRATiqt8TLzBs968wy0lBSaJ46IaldErKyFn8HMd; AWSALBTGCORS=RTgXc3I0txfyFHWTpyUu6iR5y1qokCcuGaXkgpcytfyhgYIvBzlcs0wyN7JeZkjyf4t6NiKpr95T4KpPe5+CgE7YstMvmdY9xKjDp/EklgPQQu4XMRKV2oh98I0WYuMF8yJFc8UviLRumKA+MkNxVSqiC7q281GjZRhLY/URMbzhcWlA6MdcgL+G5uEsTb+evVFAkTH7duDkvTpaytxYBRJVuRATiqt8TLzBs968wy0lBSaJ46IaldErKyFn8HMd; AWSALB=qeHYg8TQc/qqCR/L1izQVzwAJHPNUh81iM4G7N1zjCHQqnUpqGKXbkqN+QS0wPYAAb/i4P7jXuSRHKuQ01GgzwrhAal2NaayxDyi81VjmXqwgrlJOtiF4t3xdJcb; AWSALBCORS=qeHYg8TQc/qqCR/L1izQVzwAJHPNUh81iM4G7N1zjCHQqnUpqGKXbkqN+QS0wPYAAb/i4P7jXuSRHKuQ01GgzwrhAal2NaayxDyi81VjmXqwgrlJOtiF4t3xdJcb
Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/document/sessionurl HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/rendering/api/render/pdf?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..wBHWk1CNe89dCPJRGExwKw.CY6l7d3Nj0WXD1dcs7ZlVMjtDDZxf3VOd6QicS-ILNnpgjfbh6J17VHTd_-C2W2stMXuGr5PaX7B3viha_YTk_VNyqaTO1fMQnmC1XChl2hEkOdjQkKVwQbmqCkLERGpx71Gj3d-SG6mOEu4dCcMgGnWSPqg5pPF700wjpBnIwVRya42ek-3md4yRzmlDD0Em98WEvzRWwxNyf5N-AU_HnDwO3vvBy5-ZlsUhx9ba-DocmowGu5-WmMrGGLSEsrySFwxK3dmKZgKVyAS19AqfhXMV8a4oxSsHWeyc3_7UnhXT8Y56clfETyeibuSnvfulKzbwd10e_SlE8LFVMsQUSb0fc1bzD7QlMPm0bdiMLEvO8YMCLhmGA8zgENEm0e1_glNWnvSS6dmEdBEQ8Uqb537KQCiEJjGzcOVn2gPY8-4fzwdsrDGMSN7mMsBNB78hopsPkOXcWJEgDgeN_C9IOHyc9Yxb5CByurTrj0lqBwIp7aX5wuLtWO_NhEnVrJChig2ad5sHv5yVLlPQV4tD9hrNDOmNZgtbFX5bA8Xux-jHoxsY7Jy3L4JlEM5wJB_VS39ESr4VSwo5qH1dqHImWEJt-6TnMN0TKfb8vuD4mSOspHtD9ZrUIn2y-wcy_J0lJ3D0WRG5q1Lh8vFRBo2u6SuZiFyr-cKc3euo7lwyl0WYOLucFGIMysFDruUe0M3P9PWTz4XtUr7S7Ggikr5ov7OH74Uoq6prQfjvAdnrl5ISXJIo89jt567tIOz6R_MfXuhwcNy3q8vnJJ_kDisvly0gpP4PPcDoooLLVAGSILvwridOpr2WR3FyMtRUdpU-uu3GgVKhPYO_BNQMj7mUPUi05SkckmP6CloUQ9wPF1s7mLVvu_ZdWz4qoB0OiQnEB3Y5EbIhcisrUHrTxV59hHXL6sgGfiWtuPskb7P51eW7zOmh6zIGm44qL-C_pWDXp4ZW-GK4F7VThLRTwTeBQGx7mfsGjNywW1hZEyWNvMj63yEofqYTJdq14jTjHgWtdj2wALMvzIQxeXDmSpjsP0D4OrH094g0R-a0afGfs9L5cGr03kPxZOJe08qau7h62T2OX6G9Jpt0Ns86_Q4HKoVEB0j6Wmrz4pVMQ_dcj8vOieEDVzkGZpvPC-4t5Xeq8vkIFeuIDfyerFyUdxMH6wIJWK2gS63f39iQUdLIQ7K0RdTKCXqgp7qKEL1Gd-nT8_jbXfMPgDtC7UMMNlCLk92Eknw6pYF-TVFyMLsHdTQVT53faHRoNHkr86eZ4Aq85FZOKbHF0ECp4q5s8fF8UC0A42I2zr8fwlkIh4pn4WGraTdTHvvZsPFTPEXJZF40x7w-PH9Fhr-JJdJnAHIXNDNRx6xmPQJJxdbAKbkCc9BSHJVGJxFeHPdx0BEdFqH9EYEsCZv45T6mq_GGg-sqO-cT81JQxPhv33TnGoJ_3jVAGke-IFR6jxsuLCXvnEmOSDeBKziAl6FxEB6v19Q36HAAG3QTOgpPaS9aKcrZ5HmewuE753gYF_45kKzHf70fiaBwUGJkwaCXbWOweBfHl1tMwVu-N143611OhtnSAQkR5HSlVVuuyxsw-96IohDvOnpZjeXFbvkoKIxnnnkmards1YTt9Z9TKScu3xCv-2n-CiWA2rqSHhyl6x-MQCZVYiXNiPl7d3qJHdJtGX1KevhNfExF2UgicV8pkLNl5fNLHsdFWJ7XgeNLcU4B1AOcSxBu1LwJisjdfcPdiORcKIoxYN94vdfEpf_gMmKupMo8GKkEgE3oi-JObTd8i2d_7by2REBwWVNb7w0ThX9fLNzYr4D96fOpJF3Q56OZq0kDOS_iwFpmsm3BNM6q9jd3fPfk5VsupvmsGCXJaPBMg.GnpfxIAvhbLpGGhEyBCjig HTTP/1.1Host: sf-renderx-us-east-1.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=EQw0OdL9m80Nc181bg3cIrXOyD0i3CL6NIa0XAoxRWuxAgZmxIvpaZUVtQF9C7oq7R8X6TE4dfOr6Za0pDmqba1+5+AEKMZ4hbf8GALtRfiGfjB4xTZB3vFJr18K5k0i9lOSLQ5dtm32Q4r5PiQ61pj827q7vywfZ8rO0Dt/BohtnCRdMzsx3Ta9dwNfkwACA/sJRza703aiIW6yGiH2xfwi6j4GYac29vDq4d5VVuNJFj6y8ItrP1nf9ycfrBeC; AWSALBTGCORS=EQw0OdL9m80Nc181bg3cIrXOyD0i3CL6NIa0XAoxRWuxAgZmxIvpaZUVtQF9C7oq7R8X6TE4dfOr6Za0pDmqba1+5+AEKMZ4hbf8GALtRfiGfjB4xTZB3vFJr18K5k0i9lOSLQ5dtm32Q4r5PiQ61pj827q7vywfZ8rO0Dt/BohtnCRdMzsx3Ta9dwNfkwACA/sJRza703aiIW6yGiH2xfwi6j4GYac29vDq4d5VVuNJFj6y8ItrP1nf9ycfrBeC; AWSALB=rGsH05G0IIwdTb88bC4HQtGedx7lCd9o91QVPeygY17WNsZsTy+Sdhwtm18HxUu//LoFBfMr0lcylYkPrxB1OOXkGJjBIBRUJzKiLxyLBV7Vnu/ZjZzWuAm/j3G9; AWSALBCORS=rGsH05G0IIwdTb88bC4HQtGedx7lCd9o91QVPeygY17WNsZsTy+Sdhwtm18HxUu//LoFBfMr0lcylYkPrxB1OOXkGJjBIBRUJzKiLxyLBV7Vnu/ZjZzWuAm/j3G9
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..B2aVGXdwQELWM5zpldm8RA.D0SqzqVCoVEmm5nrmtYRUpSxdvbkV-kozB2t42aKeolSvyFtvpL4Cf-lc7ykmn3be3zVhmiD5nxrQgfbT-LEZmrye-Ik0Qk8jenFcr8YNFB4V8w8ullDnKE5g9LncYoUiiDzJVD6ljxN_jfPafXZdpzLi8P75TUzvPuB0I8nCuFP3iEizpTm8E-KLBnhvSnFpQbNMnoZfW6jU0nnOi63SWrV8LsRLHFAmUEVDhi0AEm7JOY-ooGhP-6DDALy9ojky8gslV_kRkPZ8vHXSBATUHP4V3ZIq2FvKiqQ1FPaGMmq9ofN4LMlsmq6Q9VZqtXy89BYadpZer4YyqWCP3D33Efd1YMn-mOILPlb5lJfHZvCV4qe7g3zaZS60HDVR64QSCVQnQnGB4ge-149oY2CAKYx6iANfCOXmZDXzLdgUihGleEYEPr5TNRr1SKTiow7.oii1bhU1Lby7x5CKv1nKlQ HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=14mRXilXSw/R+HLkK++/PeEnaw4h7tU470KfUxCtTMEAtycxewuZ1qoxqU3nLkfZiiJOv2PWXL2mDHrvRGKQFhbzTN88yWY+Oi9S76Z8xXSB6ET/MXU5nkJ0bnThVNPw1tMqGv4rtxVH4tso454Ye+0N0fqfsFWqIbI7q1pE2E85GdAL4q+m9AqKRZzEPLl/DGT56UgGCyBmXrxQRgwOZjFhYSIIlhvvSSMifLcxrBqbEG416J7TCD24nkSSWs/9; AWSALBTGCORS=14mRXilXSw/R+HLkK++/PeEnaw4h7tU470KfUxCtTMEAtycxewuZ1qoxqU3nLkfZiiJOv2PWXL2mDHrvRGKQFhbzTN88yWY+Oi9S76Z8xXSB6ET/MXU5nkJ0bnThVNPw1tMqGv4rtxVH4tso454Ye+0N0fqfsFWqIbI7q1pE2E85GdAL4q+m9AqKRZzEPLl/DGT56UgGCyBmXrxQRgwOZjFhYSIIlhvvSSMifLcxrBqbEG416J7TCD24nkSSWs/9; AWSALB=Wefp3cyip/4Up1QfQXkcVHTyrClaOzcz/Tr7ksj0L1GT/ceL6ZVSC0rMuqLeLkL6K0JuIviJKdrVSoQrpnSw1C/gg9GQsVHrifEtHuAQSA9uUB9Ub7ZWRuIyMl30; AWSALBCORS=Wefp3cyip/4Up1QfQXkcVHTyrClaOzcz/Tr7ksj0L1GT/ceL6ZVSC0rMuqLeLkL6K0JuIviJKdrVSoQrpnSw1C/gg9GQsVHrifEtHuAQSA9uUB9Ub7ZWRuIyMl30
Source: global traffic	HTTP traffic detected: GET /renderx/RenderOutput/afad6241-3adc-5bd5-543c-575a98f97490/VOWithPDFSecurity/e83bb7643ac0d1f4099d27743cdd3d54?AWSAccessKeyId=ASIAWSHYYC7R75LXCNRK&Expires=1728881033&x-amz-security-token=IQoJb3JpZ2luX2VjEHQaCXVzLWVhc3QtMSJHMEUCIQDnk%2FZ8CbYRQfmJwKy5mPChCIbntDEGyVmTtSvRrIcf1QIgCD2NZaySmsfu7BDk5%2Beso%2BeZRKAmXAQ2UK3jYO6T4T8qxAUIzf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw0NTE0OTMyMzg3NTUiDAlDstNqU3YZiK0l5SqYBT3%2BnPrVb6W8GMOilWEXz0CvsOcvj4ECjP%2FOpyUj6oZ38kBOpd8otv0C8oGuPIaBMXOcuXTtdQ6R70emC%2FQB%2BGF4GCc3IlYqOqXwZtzvvUXsLKMDa1F7LRegzKhu8zPWQ3v%2BDJ0GZC0NguzWJ%2Bx0%2BW%2BYxuaxR6vYmLo4ltBi1V4WDOFAxYdeLsZi7qEtrOmS03Ab%2FsH%2B3fOQD%2F6XTwzRdlgGeTGewYzLpWZQ1JQYlHufgB4EfSTZsYBjTOIFQOFYJhTTMY7s%2FnxLUCaS1gKDrirHoM40H1xjkN6q5ir%2BmPq2wnCHQLe%2BknkcVcYA3kk9zfEp21SRwAubw2YfBN4jvWZVdaXjzBgs52ppW2MkgQFIC%2F%2BLx9ugW1ciwApyYg1tMY5fzXi9Ucg6L5WMybpf8eqNU4uOsgs8xElmAIuD%2FSTxzQ6p6X%2FdVorutpCn%2F28lq%2BuB1ghD8s5uPVkYFC3wtwdeZaxOuuEz5ErbCYvHBZa59UkuntR8V9MIR%2F7rUPurqDC681RjALoDHf7DQtMORpK3V5%2BqXsUenZ3Mf2s23kkjZXrv2NsAxb9sEUk7GWnISfuoqA4KL8NOm9%2BmWjWg%2FWodBKyU6nSFhzYZMoieIKHr4q%2FQnWo%2BvN4U1HuI9wLI2o%2BhvcHQSLMDMOsbLKksgmVte3f%2BuXbwEPPiAGvDvVVZoghLs4O1F7m6hGy63I1a8vNpIThQFLLAAuiZyUPKHcgae3Uq6w%2F0MzyRiI5GqH6p019f2XOzb8RVT7THOB7GTX2DvbRA6wMgLbc6fHmZEAeL5hvvnO%2F8CklAicOdAnXhzGev3VDwN9rVfW4mQ8675XFGGvIWiCjbEGtF164PDHhx%2BvOYsH%2BgI81EP7TW2DQMOdZuUQx8khcwj6OyuAY6sQHxED0aJ%2BoPWgJOCvdJpG763MHSJ8w9%2FpI%2BCjl7WG8jAhQDRztFA%2BeEV1vn5R1QKMOMEQvnw3wks2HwX4KUZkVwE5AiJXrxZ3VzSANCz1Rwj92BK4g%2BHEmfbi7XL2wBP0zPsWQK6hsputES8iO1FzDwgrYJJQjpdRnXmShAywETrA653H5NEXiXrosGNaafqR3c9HpGH2jMHi49AIH9KhervS6INrPAvl9GSWse%2FBq%2FwFQ%3D&Signature=TaN9mgZypC0IQyoasiIGJJ2uIUY%3D HTTP/1.1Host: sf-temp-us-east-1-production.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: identityAccept-Language: en-US,en;q=0.9Range: bytes=0-65535
Source: global traffic	HTTP traffic detected: GET /renderx/RenderOutput/afad6241-3adc-5bd5-543c-575a98f97490/VOWithPDFSecurity/e83bb7643ac0d1f4099d27743cdd3d54?AWSAccessKeyId=ASIAWSHYYC7R75LXCNRK&Expires=1728881033&x-amz-security-token=IQoJb3JpZ2luX2VjEHQaCXVzLWVhc3QtMSJHMEUCIQDnk%2FZ8CbYRQfmJwKy5mPChCIbntDEGyVmTtSvRrIcf1QIgCD2NZaySmsfu7BDk5%2Beso%2BeZRKAmXAQ2UK3jYO6T4T8qxAUIzf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw0NTE0OTMyMzg3NTUiDAlDstNqU3YZiK0l5SqYBT3%2BnPrVb6W8GMOilWEXz0CvsOcvj4ECjP%2FOpyUj6oZ38kBOpd8otv0C8oGuPIaBMXOcuXTtdQ6R70emC%2FQB%2BGF4GCc3IlYqOqXwZtzvvUXsLKMDa1F7LRegzKhu8zPWQ3v%2BDJ0GZC0NguzWJ%2Bx0%2BW%2BYxuaxR6vYmLo4ltBi1V4WDOFAxYdeLsZi7qEtrOmS03Ab%2FsH%2B3fOQD%2F6XTwzRdlgGeTGewYzLpWZQ1JQYlHufgB4EfSTZsYBjTOIFQOFYJhTTMY7s%2FnxLUCaS1gKDrirHoM40H1xjkN6q5ir%2BmPq2wnCHQLe%2BknkcVcYA3kk9zfEp21SRwAubw2YfBN4jvWZVdaXjzBgs52ppW2MkgQFIC%2F%2BLx9ugW1ciwApyYg1tMY5fzXi9Ucg6L5WMybpf8eqNU4uOsgs8xElmAIuD%2FSTxzQ6p6X%2FdVorutpCn%2F28lq%2BuB1ghD8s5uPVkYFC3wtwdeZaxOuuEz5ErbCYvHBZa59UkuntR8V9MIR%2F7rUPurqDC681RjALoDHf7DQtMORpK3V5%2BqXsUenZ3Mf2s23kkjZXrv2NsAxb9sEUk7GWnISfuoqA4KL8NOm9%2BmWjWg%2FWodBKyU6nSFhzYZMoieIKHr4q%2FQnWo%2BvN4U1HuI9wLI2o%2BhvcHQSLMDMOsbLKksgmVte3f%2BuXbwEPPiAGvDvVVZoghLs4O1F7m6hGy63I1a8vNpIThQFLLAAuiZyUPKHcgae3Uq6w%2F0MzyRiI5GqH6p019f2XOzb8RVT7THOB7GTX2DvbRA6wMgLbc6fHmZEAeL5hvvnO%2F8CklAicOdAnXhzGev3VDwN9rVfW4mQ8675XFGGvIWiCjbEGtF164PDHhx%2BvOYsH%2BgI81EP7TW2DQMOdZuUQx8khcwj6OyuAY6sQHxED0aJ%2BoPWgJOCvdJpG763MHSJ8w9%2FpI%2BCjl7WG8jAhQDRztFA%2BeEV1vn5R1QKMOMEQvnw3wks2HwX4KUZkVwE5AiJXrxZ3VzSANCz1Rwj92BK4g%2BHEmfbi7XL2wBP0zPsWQK6hsputES8iO1FzDwgrYJJQjpdRnXmShAywETrA653H5NEXiXrosGNaafqR3c9HpGH2jMHi49AIH9KhervS6INrPAvl9GSWse%2FBq%2FwFQ%3D&Signature=TaN9mgZypC0IQyoasiIGJJ2uIUY%3D HTTP/1.1Host: sf-temp-us-east-1-production.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: identityAccept-Language: en-US,en;q=0.9Range: bytes=65536-99256If-Range: "102f2460e4fd2bff54305335f7318409"
Source: global traffic	HTTP traffic detected: GET /bundles/2bd6acf87747a8fbd76a.gif HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=9sWw/ESRXXdl6oiPBnoOonakZ1ye8nIuxWehEndVWlRi79uKFa6mEWYY1jttk2ElyoWT0kvRlSK8zEbezgknO8VMYeTWytpdqjBQuh8DaGSXQoWiHms9MkqvVcsIK4pNDkJzG9E90KpJ82To1+uI0Lg9nQO1ArCe1qF8wq49Gm9ERpHCZtB1dJEAqjwEbZPyMjCwzQtuMes6goj3+TGsas6TYd4otK8Habl9IIPvIq3n8qR5ZZN3Tsy3HivOpKGN; AWSALBTGCORS=9sWw/ESRXXdl6oiPBnoOonakZ1ye8nIuxWehEndVWlRi79uKFa6mEWYY1jttk2ElyoWT0kvRlSK8zEbezgknO8VMYeTWytpdqjBQuh8DaGSXQoWiHms9MkqvVcsIK4pNDkJzG9E90KpJ82To1+uI0Lg9nQO1ArCe1qF8wq49Gm9ERpHCZtB1dJEAqjwEbZPyMjCwzQtuMes6goj3+TGsas6TYd4otK8Habl9IIPvIq3n8qR5ZZN3Tsy3HivOpKGN; AWSALB=oJqzyb8cW5dhKRMD8jiSGs0zNGEpeNyGnJ95vprX2IlN5mEhr4UViaBU7H7+V40abW6SmvJ96bwRXCrooPa08Xo72t+oxaidjQRnQxBVnesaF0RLzlwnrW69aUj9; AWSALBCORS=oJqzyb8cW5dhKRMD8jiSGs0zNGEpeNyGnJ95vprX2IlN5mEhr4UViaBU7H7+V40abW6SmvJ96bwRXCrooPa08Xo72t+oxaidjQRnQxBVnesaF0RLzlwnrW69aUj9
Source: global traffic	HTTP traffic detected: GET /bundles/2bd6acf87747a8fbd76a.gif HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=gxdvGGMpfhFLzuDO1J425KwL+KZcAf16E0Krpt55hr+vYZWA8azQtVIrZviksIRjUkqgQ6eCB8taAmaLZZQJgMeV0kgIDbfjoWuLCcOY9QL7aC8f6/xYupB8aA/03fA89IcVPvGCi3NMou3nGWsE8+9kWNqjLl2vYe/umvLH++Kx+6VyKVcgcZZXFNca5fzF/o03sWVWpXlRf1iAQofdLoeS0/9g2uxJ8wosKy1v7sh5vEhzYVUcR2lQ9cxqg7pC; AWSALBTGCORS=gxdvGGMpfhFLzuDO1J425KwL+KZcAf16E0Krpt55hr+vYZWA8azQtVIrZviksIRjUkqgQ6eCB8taAmaLZZQJgMeV0kgIDbfjoWuLCcOY9QL7aC8f6/xYupB8aA/03fA89IcVPvGCi3NMou3nGWsE8+9kWNqjLl2vYe/umvLH++Kx+6VyKVcgcZZXFNca5fzF/o03sWVWpXlRf1iAQofdLoeS0/9g2uxJ8wosKy1v7sh5vEhzYVUcR2lQ9cxqg7pC; AWSALB=M5rSIczDNDa5CdD7PaH/erZ4i1SsKjk4Y65BfCZNgWFKfKqxzFMtERwqSve5Ej0zfggllBf55y+WdTTnRkp2BKwHy2DPmd5izjSEAvgTZS4ZoEkgOcT/cHgxFAXU; AWSALBCORS=M5rSIczDNDa5CdD7PaH/erZ4i1SsKjk4Y65BfCZNgWFKfKqxzFMtERwqSve5Ej0zfggllBf55y+WdTTnRkp2BKwHy2DPmd5izjSEAvgTZS4ZoEkgOcT/cHgxFAXU
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vhByzrF1ExPNbY7&MD=wgvYytUz HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: totalcanterbury0.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: 0093b71e39a6.us-east-1.sdk.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: app.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: totalcanterbury0.sf-api.com
Source: global traffic	DNS traffic detected: DNS query: citrix-sharefile-content.customer.pendo.io
Source: global traffic	DNS traffic detected: DNS query: piletfeed-cdn.sharefile.io
Source: global traffic	DNS traffic detected: DNS query: o49063.ingest.sentry.io
Source: global traffic	DNS traffic detected: DNS query: events.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic	DNS traffic detected: DNS query: citrix-sharefile-data.customer.pendo.io
Source: global traffic	DNS traffic detected: DNS query: sf-cv.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: api.ipify.org
Source: global traffic	DNS traffic detected: DNS query: sf-renderx-us-east-1.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: sf-temp-us-east-1-production.s3.amazonaws.com

Source: unknown

HTTP traffic detected: POST /0093b71e39a6/478ed03bbf12/verify HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveContent-Length: 8687sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:42 GMTContent-Length: 0Connection: closeSet-Cookie: AWSALBTG=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/Set-Cookie: AWSALBTGCORS=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/Set-Cookie: AWSALBCORS=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, must-revalidate, no-cache, privateContent-Language: enExpires: 0Pragma: no-cacheReferrer-Policy: same-originX-XSS-Protection: 1;mode=blockX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=16000000;includeSubDomains;preload
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 14 Oct 2024 03:48:44 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeSet-Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/Set-Cookie: AWSALBTGCORS=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/Set-Cookie: AWSALBCORS=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, no-cacheContent-Language: enExpires: Sun, 13 Oct 2024 03:48:44 GMTCitrix-TransactionId: 0566a1b3-6677-4c75-88d4-2a34517cd8c6CorrelationId: xgsWBdW7mEevpIzZHzLkjQX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-Frame-Options: DENYX-Robots-Tag: noindexX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: DNN0Ui6hQ0alOxcagJKHAg
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:45 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=IKkkxKiUZumvHyzweT2xwumU282RfzaJLGW9d8pylLdjldlkdbHHaz3Wb4Rvxj18NVqDOblnRsul09d/y4GtLEVBPmzFJn/rkDZ8v84iAaunuJEQwjN7QzlESgtK7y0LmAN38WINkU1ltfiLkUlo58z+cdAQIC9thgMsCDOvPvDj; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/Set-Cookie: AWSALBTGCORS=IKkkxKiUZumvHyzweT2xwumU282RfzaJLGW9d8pylLdjldlkdbHHaz3Wb4Rvxj18NVqDOblnRsul09d/y4GtLEVBPmzFJn/rkDZ8v84iAaunuJEQwjN7QzlESgtK7y0LmAN38WINkU1ltfiLkUlo58z+cdAQIC9thgMsCDOvPvDj; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=oKk6+htFu9xyIfzS/9Q0tgHXpH6LjF7d6D1fDvhlsOxcY6iXPgY5H7qUcTDQQgekd+iTMI0e/bGZFL0V30Oa5JoAnb4CbZvg2QB1Trycn8CIskKvjNbK1XUTWvyF; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/Set-Cookie: AWSALBCORS=oKk6+htFu9xyIfzS/9Q0tgHXpH6LjF7d6D1fDvhlsOxcY6iXPgY5H7qUcTDQQgekd+iTMI0e/bGZFL0V30Oa5JoAnb4CbZvg2QB1Trycn8CIskKvjNbK1XUTWvyF; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/; SameSite=None; SecureCache-Control: no-cache,no-storeExpires: -1Pragma: no-cacheX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: ZV76AU7iEUq1u7PWgYnafw
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:46 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/Set-Cookie: AWSALBTGCORS=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/Set-Cookie: AWSALBCORS=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/; SameSite=None; SecureCache-Control: no-cache,no-storeExpires: -1Pragma: no-cacheX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: 3ukJ0UE_GEah1hMOHKpDbA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:50 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=B92NkS7VUALadFnaygtWYy31XoNrfZhyqHio8dZhoy92AKjtFsq6VvHRZmNpZUzIg1SqE0NCo1Jxelrs3cBklgIWtMYFQ/7PSmFd/WY66T9NsaAZ8EFTU/+kb4/dWwFWhW8nDaKtQHdKuOHWic82ASeQZ1u5SExpVkoRy5AWxidA; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/Set-Cookie: AWSALBTGCORS=B92NkS7VUALadFnaygtWYy31XoNrfZhyqHio8dZhoy92AKjtFsq6VvHRZmNpZUzIg1SqE0NCo1Jxelrs3cBklgIWtMYFQ/7PSmFd/WY66T9NsaAZ8EFTU/+kb4/dWwFWhW8nDaKtQHdKuOHWic82ASeQZ1u5SExpVkoRy5AWxidA; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=pONYvpSwyyjOzUD8BSb6RuTyuq0SX9xRu3ttk58ocEYxV09QDGU/QmiEvf/x24CnEi4C4RYJJphWH3oHhG0xapaveNI8UMLyUvdfsirebqPD0/BHqIE9s21uliHy; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/Set-Cookie: AWSALBCORS=pONYvpSwyyjOzUD8BSb6RuTyuq0SX9xRu3ttk58ocEYxV09QDGU/QmiEvf/x24CnEi4C4RYJJphWH3oHhG0xapaveNI8UMLyUvdfsirebqPD0/BHqIE9s21uliHy; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, no-cacheContent-Language: enExpires: Sun, 13 Oct 2024 03:48:50 GMTCitrix-TransactionId: 97f4887c-41bb-4d6a-9a5b-c4ffc9ed9e8aCorrelationId: eRg7am7WP0y5zW75B77ZQAX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-Frame-Options: DENYX-Robots-Tag: noindexX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: UtVW1pV6vk-zraabRAkp_Q

Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://b.c2r.ts.cdn.office.net/pr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://f.c2r.ts.cdn.office.net/pr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/780dddc8-18a1-5781-895a-a690464fa89ccacheFileFullNotificationPerce
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/chttp://test-exp-s2s.msedge.net/ab/c(
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/ge
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/gecacheFileFullNotificationPercentagehttp://test-exp-s2s.msedge.ne
Source: chromecache_205.2.dr, chromecache_169.2.dr	String found in binary or memory: http://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://weather.service.msn.com/data.aspx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/app/download
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/apps/remove
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/commerce/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/entitlement/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://agent.pendo.io/licenses
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://analysis.windows.net/powerbi/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.aadrm.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.aadrm.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/api/addins/search
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/appinfo/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/appstate/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.office.com/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.office.com/app/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com/v2/feedback
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com/v2/file
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.microsoftstream.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.microsoftstream.com/api/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.officescripts.microsoftusercontent.com/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.onedrive.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/beta/myorg/imports
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.scheduler.
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp, 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apis.live.net/v5.0/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apis.mobile.m365.svc.cloud.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://app.powerbi.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://arc.msn.com/v4/api/selection
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com/v2
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://autodiscover-s.outlook.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az804205.vo.msecnd.net/
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az804205.vo.msecnd.net/f
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az815563.vo.msecnd.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://canary.designerapp.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designer-mobile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/fonts
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-assets
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-dynamic-strings
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-home-screen
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.entity.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.hubblecontent.osi.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.int.designerapp.osi.office.net/fonts
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/DGXiXepNeRvpgcvqVVwgerMyl9c/FzHL74W
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/RKXGQO-T4hA-4ZEVZHET-2hQSkA/2qzaI4Q
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/WPvkzGkOrfIvp3qkN5N54f_1PEk/YiOA-0Y
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6A
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/freMllnYvBAwsP7Q8plLkQuQk9o/iIvmdJJ
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/jfhRXEM-T3XDOIl2P_kjewAdeGc/LhZTKWo
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/kRiIYerdgZdzqYlUiCx61iLjnBU/vJf7TMD
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/mfS2ulYoG7dN1QSakrLPIk6LA7Q/4_xFPLt
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/moENhVNGkRpdnhKRCzqkG8MUQPk/Mp9uRb2
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/njPoQ1-6YEZw5vUbZJ0_GVUQ91Y
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/qgx_AaYBkGN6StQWJLhgBhCmZsY/ZEFqtCH
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWAD
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/wotSbq5SNToNGIBxeYKbdsIn35Q
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/z6GAMp5KCypHWLnasLOIn0RVcPQ/vzuAMPt
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide.-323232.1622565221517.css
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://client-office365-tas.msedge.net/ab
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/c2r/v1.0/DeltaAdvisory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/mac
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cloudfiles.onenote.com/upload.aspx
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://config.edge.skype.com/config/v1/Office
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/blocklowlabelimageloadsdevicecapabilitycamera
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/controlflowguardhttps://config.edge.skype.net/config/v1/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://config.edge.skype.com/config/v2/Office
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.net/config/v1/
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.net/config/v1/P
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://consent.config.office.com/consentcheckin/v1.0/consents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://consent.config.office.com/consentweb/v1.0/consents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cortana.ai/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cr.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://d.docs.live.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://designerapp.azurewebsites.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://designerappservice.officeapps.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev0-api.acompli.net/autodetect
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://devnull.onenote.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://directory.services.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com/config/v1/Designer
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com/config/v2/Office
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://edge.skype.com/registrar/prod
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://edge.skype.com/rps
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://entitlement.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://entitlement.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://globaldisco.crm.dynamics.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.ppe.windows.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.ppe.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.windows.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/pivots/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?secureurl=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon?
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ic3.teams.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://incidents.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://incidents.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://inclient.store.office.com/gyro/client
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://inclient.store.office.com/gyro/clientstore
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://invites.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://lifecycle.office.com
Source: HxAccounts.exe, 0000000C.00000002.2547769814.00000214625F5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com
Source: HxAccounts.exe, 0000000C.00000002.2547769814.00000214625F5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com/organizations
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp, 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.local
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.local/
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.net/common/oauth2/authorize
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://make.powerautomate.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://management.azure.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://management.azure.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messagebroker.mobile.m365.svc.cloud.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/setcampaignaction
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/setuseraction16
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.engagement.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.engagement.office.com/campaignmetadataaggregator
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.lifecycle.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.lifecycle.office.com/getcustommessage16
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://metadata.templates.cdn.office.net/client/log
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://mss.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ncus.contentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ncus.pagecontentsync.
Source: HxAccounts.exe, 0000000C.00000002.2544718905.0000021460213000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://nexus.officeapps.live.com
Source: HxAccounts.exe, 0000000C.00000002.2544718905.0000021460213000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://nexusrules.officeapps.live.comP#
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ocos-office365-s2s.msedge.net/ab
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ods-diagnostics-ppe.trafficmanager.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officeapps.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officeci.azurewebsites.net/api/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officepyservice.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officepyservice.office.net/service.functionality
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officesetup.getmicrosoftkey.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com/embed?
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://otelrules.azureedge.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://otelrules.svc.static.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid=
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/connectors
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/review/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://pendo-static-5352587489443840.storage.googleapis.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerlift-frontdesk.acompli.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerlift.acompli.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pushchannel.1drv.ms
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net/mro1cdnstorage/fonts/prod/4.40
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net/polymer/models
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://safelinks.protection.outlook.com/api/GetPolicy
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://service.officepy.microsoftusercontent.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://service.powerapps.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://settings.outlook.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://shell.suite.office.com:1443
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://skyapi.live.net/Activity/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://staging.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://storage.live.com/clientlogs/uploadlocation
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://store.office.cn/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://store.office.de/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/Notes-Internal.ReadWrite
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/search/api/v2/init
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://tasks.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://templatesmetadata.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://useraudit.o365auditrealtimeingestion.manage.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://web.microsoftstream.com/video/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://webshell.suite.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://word-edit.officeapps.live.com/we/rrdiscovery.ashx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://wus2.contentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://wus2.pagecontentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.odwebp.svc.ms
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.yammer.com
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com/https://login.windows.net
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com50

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50145 version: TLS 1.2

Source: classification engine

Classification label: mal52.win@19/152@60/20

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

File created: C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData

Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74"
Source: unknown	Process created: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
Source: unknown	Process created: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe" -ServerName:microsoft.windowslive.manageaccounts.AppXdbf3yp5apt3t7q877db3gnz5zqpf71zj.mca
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: microsoft.applications.telemetry.windows.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msoimm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso40uiimm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso30imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.core.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.word.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso98imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso50imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso98imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.model.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.storage.applicationdata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxcomm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.applicationmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositorycore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.networking.connectivity.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.networking.hostname.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.energy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rmclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rometadata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.view.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hxshared.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.viewmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: clipc.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.resources.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: logoncli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.xaml.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mrmcorer.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositoryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: execmodelproxy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uiamanager.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.core.textinput.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: profext.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hx.mail.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: threadpoolwinrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.graphics.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hxcalendar.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.remotedesktop.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.xaml.controls.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.profile.systemid.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.profile.retailinfo.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msxml6.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winrttracing.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: photometadatahandler.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ploptin.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: webservices.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userdataaccountapis.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userdataplatformhelperutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.accountscontrol.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: accountsrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: aphostclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxoutlook.model.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: microsoft.applications.telemetry.windows.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso30imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.xaml.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.staterepositorycore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: office.ui.xaml.hxaccounts.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.storage.applicationdata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxcomm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.applicationmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.networking.connectivity.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.networking.hostname.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.energy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: rmclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: rometadata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mrmcorer.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.staterepositoryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: execmodelproxy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uiamanager.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.core.textinput.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.accountscontrol.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.security.authentication.web.core.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.xaml.controls.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: profext.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: winrttracing.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxoutlook.resources.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msftedit.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: globinputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.graphics.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wuceffects.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: threadpoolwinrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uiautomationcore.dll	Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32

Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe

File opened: C:\Windows\SYSTEM32\msftedit.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key opened: \REGISTRY\A\{bfc8b437-7efe-3d25-3410-9e9f0f2e4849}\LocalState\HKEY_CURRENT_USER\Software\Microsoft\Office Test\Special\PerfImm

Jump to behavior

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74

LLM: Page contains button: 'Preview or Download' Source: '1.5.pages.csv'

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 157
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 168	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 157	Jump to dropped file

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: settings.dat.7.dr

Binary or memory string: VMware, Inc. VMware20,1NE

Queries the volume information (name, serial number etc) of a device

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.224.189.108	unknown	United States	16509	AMAZON-02US	false
44.199.170.102	events.launchdarkly.com	United States	14618	AMAZON-AESUS	false
13.248.193.251	totalcanterbury0.sharefile.com	United States	16509	AMAZON-02US	false
52.217.67.148	s3-w.us-east-1.amazonaws.com	United States	16509	AMAZON-02US	false
15.197.239.217	sf-renderx-us-east-1.sharefile.com	United States	7430	TANDEMUS	false
162.247.243.39	js-agent.newrelic.com	United States	13335	CLOUDFLARENETUS	false
34.107.204.85	85.204.107.34.bc.googleusercontent.com	United States	15169	GOOGLEUS	false
104.26.12.205	unknown	United States	13335	CLOUDFLARENETUS	false
13.32.121.41	0093b71e39a6.us-east-1.sdk.awswaf.com	United States	16509	AMAZON-02US	false
18.245.31.22	unknown	United States	16509	AMAZON-02US	false
34.111.138.51	51.138.111.34.bc.googleusercontent.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
18.245.31.29	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	United States	16509	AMAZON-02US	false
13.224.189.90	piletfeed-cdn.sharefile.io	United States	16509	AMAZON-02US	false
162.247.243.29	fastly-tls12-bam.nr-data.net	United States	13335	CLOUDFLARENETUS	false
142.250.186.100	www.google.com	United States	15169	GOOGLEUS	false
76.223.1.166	totalcanterbury0.sf-api.com	United States	16509	AMAZON-02US	false
34.120.195.249	o49063.ingest.sentry.io	United States	15169	GOOGLEUS	false
172.67.74.152	api.ipify.org	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
fastly-tls12-bam.nr-data.net	162.247.243.29	true
totalcanterbury0.sf-api.com	76.223.1.166	true
sf-renderx-us-east-1.sharefile.com	15.197.239.217	true
0093b71e39a6.us-east-1.sdk.awswaf.com	13.32.121.41	true
js-agent.newrelic.com	162.247.243.39	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
events.launchdarkly.com	44.199.170.102	true
sf-cv.sharefile.com	76.223.1.166	true
piletfeed-cdn.sharefile.io	13.224.189.90	true
totalcanterbury0.sharefile.com	13.248.193.251	true
0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	18.245.31.29	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
s3-w.us-east-1.amazonaws.com	52.217.67.148	true
51.138.111.34.bc.googleusercontent.com	34.111.138.51	true
o49063.ingest.sentry.io	34.120.195.249	true
www.google.com	142.250.186.100	true
api.ipify.org	172.67.74.152	true
85.204.107.34.bc.googleusercontent.com	34.107.204.85	true
app.launchdarkly.com	unknown	unknown
citrix-sharefile-content.customer.pendo.io	unknown	unknown
bam.nr-data.net	unknown	unknown
citrix-sharefile-data.customer.pendo.io	unknown	unknown
sf-temp-us-east-1-production.s3.amazonaws.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/main.css	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/d5a7899d41651404accd.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/2c61db7618456a4b4ea2.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/main.css	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js	false	0%, Virustotal, Browse	unknown
https://totalcanterbury0.sharefile.com/bundles/5626aad50bfaf67fedc0.js	false		unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ	false	0%, Virustotal, Browse	unknown
https://totalcanterbury0.sharefile.com/bundles/92fe442fb8f2d1f7093b.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js	false		unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js	false	0%, Virustotal, Browse	unknown
https://totalcanterbury0.sharefile.com/bundles/3aa33bb6fffd83a61c47.svg	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/main.css	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/main.css	false		unknown
https://totalcanterbury0.sharefile.com/bundles/d178f6eceb0126b1e292.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/c3b78c86faf44765071f.js	false		unknown
https://o49063.ingest.sentry.io/api/4506735163932672/envelope/?sentry_key=0be0069dd70d0ce2c63c650418f56fa6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/af15e31c70fab7cfd55c.woff2	false		unknown
https://bam.nr-data.net/events/1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=37896&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74	true		unknown
https://totalcanterbury0.sharefile.com/bundles/ba7dfd1a6326f1b75478.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/5be3ba1b444ac539eaf5.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/402b74053d26323596b3.woff2	false		unknown
https://0093b71e39a6.11de9b12.us-east-1.token.awswaf.com/0093b71e39a6/478ed03bbf12/telemetry	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/main.css	false		unknown
https://sf-cv.sharefile.com/service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..B2aVGXdwQELWM5zpldm8RA.D0SqzqVCoVEmm5nrmtYRUpSxdvbkV-kozB2t42aKeolSvyFtvpL4Cf-lc7ykmn3be3zVhmiD5nxrQgfbT-LEZmrye-Ik0Qk8jenFcr8YNFB4V8w8ullDnKE5g9LncYoUiiDzJVD6ljxN_jfPafXZdpzLi8P75TUzvPuB0I8nCuFP3iEizpTm8E-KLBnhvSnFpQbNMnoZfW6jU0nnOi63SWrV8LsRLHFAmUEVDhi0AEm7JOY-ooGhP-6DDALy9ojky8gslV_kRkPZ8vHXSBATUHP4V3ZIq2FvKiqQ1FPaGMmq9ofN4LMlsmq6Q9VZqtXy89BYadpZer4YyqWCP3D33Efd1YMn-mOILPlb5lJfHZvCV4qe7g3zaZS60HDVR64QSCVQnQnGB4ge-149oY2CAKYx6iANfCOXmZDXzLdgUihGleEYEPr5TNRr1SKTiow7.oii1bhU1Lby7x5CKv1nKlQ	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/2efeefafc2bb68a97d33.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/main.css	false		unknown
https://totalcanterbury0.sharefile.com/bundles/102a12cf4db82175eb4a.js	false		unknown
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74	true		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js	false		unknown
https://totalcanterbury0.sf-api.com/sf/v3/Items/ContentViewer	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/main.css	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData\Local\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\3B28D87C-1702-4267-8E30-2F7FAA6BA453	XML 1.0 document, ASCII text, with CRLF line terminators	0BA40C5B9056023BCC25D63C05129AB1	ABBACE7B37BA7C2D0D7618F486E2C6BAD862C8D4	01DD4DCA9B277070963952EC3DAE28AA8812BB4F3F24CCFB8009048DD116BB95
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxAccountsAlwaysOnLog.etl	data	A404F269D5C6CDC653F14A568A73A33C	F8447C24E829D6E317F9BEFCF9176D8335CC8DB1	263DDE4A8D81A27A30A158DE387C06BC1685D2734E8EF4D774A4684F283247ED
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxmAlwaysOnLog.etl	data	1D34DD5844E06DF9B18172287756EA89	DC4B0B8C03DB54EC58DB12D8E0588F0D80CB85AF	1401F813B92A46911201578A67115808E216B1038057936FEFFD022E682BEDC4
C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat	MS Windows registry file, NT/2000 or above	9702A70D0FB67D831733A4D05EE62047	F36E0961A198D904FBF2FD7621026DC97E780269	D74AC9E76A50263BB663FCDD4B1922A3199BE6C322BDE1C126C9B77E4A0FCEEE
Chrome Cache Entry: 145	Unicode text, UTF-8 text, with very long lines (22063), with no line terminators	D2702DCFED567BCA070F8FC55EE3BBE6	13B0C79DBD613889BDD32D6234DAE9CAEAA3CE8C	B530C482126F2B86447E3A7E6F9319C8FCCD071659A3BAF914E8C51589AEF220
Chrome Cache Entry: 146	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
Chrome Cache Entry: 147	ASCII text, with very long lines (65472)	530A7B55C7F2519E38F8B06FE7B2AB6D	792B4A21E3F0A3CC0AFB3F0D5AE0C9BD4D686697	F764709D6B4455A16AB263B1963537EEBE306D4B2B38430A3205EDE496610B4D
Chrome Cache Entry: 148	Unicode text, UTF-8 text, with very long lines (48708)	4489B17303360EF8BFDA860F2F07AE51	394A49D396E3943F70E132CE0F04F088CA46025F	699545149D5E0A94640A266C16AEF47D66F66F7B00D4CFA081A9B5DFBAF3D252
Chrome Cache Entry: 149	ASCII text, with very long lines (53925)	3EFBAE3E8929430A8D33717801E9C89C	82D05FE3B9D03DEC0081932CE98B0BB8D2D14520	5764E77F219A80CB4F8C1462A3004FF53CAA334A7B2AB30D956F211C3292006F
Chrome Cache Entry: 150	JSON data	2E1E0B28D6E7522CB687E20D37BCD8AA	03D5EFE3719CAB433421C4D9BF6C73E0B8EB69E5	124CE91528D8ACB894BDC980ABDDF035B38CDC64CE13F088D431E0B10D61FB24
Chrome Cache Entry: 151	ASCII text, with very long lines (65473)	0496A964F7644C653415D31FD499388B	2D3AC1D48F2BD9771D17F70FAD25D6BE54C9A7F2	6676EBA7254F48E07B446B828180B7B1EA7BDA2A3018CC01AC48FC88A514FA12
Chrome Cache Entry: 152	ASCII text, with very long lines (65473)	C555335753018971124DABD9753F7AB0	777ACC456CEBF8525CAFFEB55C9D72C41117907A	F5EEC20D62DDE7D3BF3FA601C11AA6136CFC8C4BD01DF3BF630E6D7DD0DB9A20
Chrome Cache Entry: 153	ASCII text, with very long lines (65475)	5D7E959E6B83248D04C1764F8F6F153E	9CB75E73CEE59773AC7F82C41EC4B11FB6168C37	17C44981056AE13F58B412BEF7B9708B004F7A9A3F8B92366766D01181F9B386
Chrome Cache Entry: 154	ASCII text, with very long lines (65477)	2342B7F75ABFAC4C3233141AD53AF79A	2EE3A174B30FAC49EC2E291ADB9462CFD54B8A8D	E3DF1C17428135BDFB39CC984C80A50967378919265E4A2D8F91D54826BF38F3
Chrome Cache Entry: 155	Web Open Font Format (Version 2), TrueType, length 41268, version 1.0	B9EB4972777F0182FE841BBC280E5CDE	EDC69B1AA4B56048EA6B5C0217DABE8144036E25	D37AB938D33FE41FEC69CC38C301A5AB7CB5AB928DBA29D9E9407582E08D3D24
Chrome Cache Entry: 156	Unicode text, UTF-8 text, with very long lines (65240)	E43F171E9C550011E58426AF8E55DCEE	05690F9E9154EAEEA378573C4BB0154E8A2BCEE1	34E128838A10E3BC3E8434E9E66C912A9056F635F7B3C0FA04A5E712D30F11F2
Chrome Cache Entry: 157	PDF document, version 1.7, 1 pages	102F2460E4FD2BFF54305335F7318409	4B8463549080484564BF6DB724BD103239FBF932	241AD67CD20B0D4FDA9B735166B4ECD8CC31EE97DF013E13365432DB1E996255
Chrome Cache Entry: 158	ASCII text, with very long lines (6378)	FAE76DAE7784930E96292B65FEEDBC0D	AFFD25E6159BE1645F1FFE8CE4BAFBF8D9710C3C	69B7DBF013D733F4E7A1313102219E1D58DFA5F7D95D2ED590B88D935C8B1E84
Chrome Cache Entry: 159	GIF image data, version 89a, 1 x 1	D89746888DA2D9510B64A9F031EAECD5	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
Chrome Cache Entry: 160	GIF image data, version 89a, 1 x 1	D89746888DA2D9510B64A9F031EAECD5	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
Chrome Cache Entry: 161	ASCII text, with very long lines (65472)	530A7B55C7F2519E38F8B06FE7B2AB6D	792B4A21E3F0A3CC0AFB3F0D5AE0C9BD4D686697	F764709D6B4455A16AB263B1963537EEBE306D4B2B38430A3205EDE496610B4D
Chrome Cache Entry: 162	ASCII text, with very long lines (65477)	66960F160A996198483C9B80DB9BB067	3B88BD8104FC9D78F6EFA282846F552C6DCD2902	068BB5A28EB54D79EB794121A870099D967C5467E6F174850EF283B4D56F0D1B
Chrome Cache Entry: 163	Unicode text, UTF-8 text, with very long lines (65399)	4BCA71B5E96BA1017D2F126850C99835	E48A42C801197D142912941554398979EEE0A639	6B98719775F73C629E39427EDF4D3A67506C6AF5E7ED2C9C80F630A1EE0ED03E
Chrome Cache Entry: 164	ASCII text, with very long lines (65476)	C6FD21E7E412186282D2436A3067AAD3	F0D0C2525A1C8140D401068F69FDC1AAF0705C40	42A04812F58A260F6D26930F471BDD24E2D7E14573169F7CB622C0F6D7C69DC6
Chrome Cache Entry: 165	ASCII text, with very long lines (65476)	C6FD21E7E412186282D2436A3067AAD3	F0D0C2525A1C8140D401068F69FDC1AAF0705C40	42A04812F58A260F6D26930F471BDD24E2D7E14573169F7CB622C0F6D7C69DC6
Chrome Cache Entry: 166	ASCII text, with very long lines (65479)	55C26F55FB77BB90ED8C5F490933562B	27359D5A2510109A18AD8B2295F7CC991B730CFC	4904865203474DC3CBDB228616B19AB3DF312916D97DA4CC3D606D25F55BC5CF
Chrome Cache Entry: 167	ASCII text, with very long lines (65479)	114E798D503A347AAB2A537702E1593F	EDC8A8C19A54D81944F8EA870D826E06A7362161	091AB89F90FE0DBAEDE5C8C9C5308C702C75D49A9CD809CECB9F001F98788C38
Chrome Cache Entry: 168	PDF document, version 1.7, 1 pages	102F2460E4FD2BFF54305335F7318409	4B8463549080484564BF6DB724BD103239FBF932	241AD67CD20B0D4FDA9B735166B4ECD8CC31EE97DF013E13365432DB1E996255
Chrome Cache Entry: 169	JSON data	02158C7EC597DCF8272488CDC164BCAE	7BDDD53C23205EC2FD68AF3FBC478B1139DE6C10	10C5330D673728160B092C4A868CAAD2E1EB2BC4E2A4D6EDB3B9CEBF4A3AB35E
Chrome Cache Entry: 170	ASCII text, with very long lines (65474)	38596D901C05CDCB1B7DB1F4D6D21BA7	8A86524AAEE7B7462081A6A3C6F9FBCF6174C80A	159C798B7CB0A3F271E179FBFF2D2862394D1F2832F248D6F71802C7F253C04E
Chrome Cache Entry: 171	ASCII text	595E88012A6521AAE3E12CBEBE76EB9E	DA3968197E7BF67AA45A77515B52BA2710C5FC34	B16E15764B8BC06C5C3F9F19BC8B99FA48E7894AA5A6CCDAD65DA49BBF564793
Chrome Cache Entry: 172	ASCII text, with very long lines (65536), with no line terminators	8FC3339F5EEA81451B2F773664099978	61426CA9488DEF4C36AB855A8961C35CE8E5709B	D3820B5C49A7057683FD0CC78DE99EED2A28860403C2590ED08AEFB8D59465DC
Chrome Cache Entry: 173	ASCII text, with very long lines (65310)	6888DBD9BFACCE1A14B025222D1C3734	547FF28ED9973F370896B85C7007A5F4891C9177	1EE4DD1DF098A72A60ADA7981AEF2072C4A8FC451D1FEF7096972DE3D34FF274
Chrome Cache Entry: 174	ASCII text, with no line terminators	97B958FA75E225CEA6FA3F3E399010D0	4DDFF887AB1D6FFC1678A717F1327E6C0900B9F8	0C909725B0EA7DA9994F16E47A4142783410C5AA25CDD7770F85DC61EB8A170C
Chrome Cache Entry: 175	ASCII text	79E997CA126B2522CDB04FE90DF21752	9240FE86112391FE95C34F1E49E26C7FBC2B4722	4B3A8A6F91F2F2B51FB6AB816435BD3E3B0C6622D005BA080333F49444083C85
Chrome Cache Entry: 176	ASCII text, with very long lines (65477)	66960F160A996198483C9B80DB9BB067	3B88BD8104FC9D78F6EFA282846F552C6DCD2902	068BB5A28EB54D79EB794121A870099D967C5467E6F174850EF283B4D56F0D1B
Chrome Cache Entry: 177	Unicode text, UTF-8 text, with very long lines (13545), with no line terminators	1711B6CAC451CFDB8E7EF06DAEDB3279	C413F2ACDD0CDABE881719E8EF54F4B21969F907	386F4FDE9CA6B967C1F9968AAA58E104F05A1F66A592D2E46019954E32CAAD24
Chrome Cache Entry: 178	Unicode text, UTF-8 text, with very long lines (65471)	A5C6F208FE49A7152E57B0225D1E43C4	16A0C9BA7221F037FC1D815A2C31454C97EA5470	16F24EE341EA898499A49F63020B3EFB22310552D7BAB39F4058A257BC0C07AF
Chrome Cache Entry: 179	Unicode text, UTF-8 text, with very long lines (48708)	9C4E286E599C4C79D66097023EE09D50	DA8F3806FDC070F5B9649063D9785786B2958055	45251AD614D8F43511DA6CC0E04F4E7C71201E5A4BA1C0258378CD468F370ABA
Chrome Cache Entry: 180	ASCII text, with very long lines (1456)	F17CADE455C1E9DF4641950A02B898EC	416716233F1A8EA7201A7DC0F218178516CC0E37	06D24BF97F48A83E5D0AA3C508620BA5BEC38AD6959626CD1BA631D1C9520914
Chrome Cache Entry: 181	ASCII text, with very long lines (65473)	C555335753018971124DABD9753F7AB0	777ACC456CEBF8525CAFFEB55C9D72C41117907A	F5EEC20D62DDE7D3BF3FA601C11AA6136CFC8C4BD01DF3BF630E6D7DD0DB9A20
Chrome Cache Entry: 182	Unicode text, UTF-8 text, with very long lines (65453)	EC10A08ABEEA396244C7C88FFAA5ECF7	29EA05BFC2B2A754AE77DF48FEBAC23A79352C48	E4126A1DD61B9AB0EB21038540041710DDCBDCD5E03C0D7C302F74E25EF34B8E
Chrome Cache Entry: 183	GIF image data, version 89a, 1 x 1	D89746888DA2D9510B64A9F031EAECD5	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
Chrome Cache Entry: 184	ASCII text, with very long lines (65479)	68B7D9CC403C9D5FF3D0C1F9EA0182C2	174DD1E16EB70EF76611B84A7BA30DBF0C4D0380	AACFED7ED783550FAA9FCD616FB323CC101407670E0C2E4EC3F639E9534B9981
Chrome Cache Entry: 185	ASCII text, with very long lines (32010)	63E2DF852D15AB21D7FF8FC4363222E8	7EE401BA652DB0A4EC960350E17216CDA01E22FB	545156ADEAE44DADC82B98D504F805EBE77FB79C928EF34EED1057BB9D4CB8FE
Chrome Cache Entry: 186	ASCII text, with very long lines (65473)	735CBA16BF1442C21B8FA8E78AA8E83A	D55ED9608E0C39F5EE38494238BBEECB0A43AD04	6B624BCD118EB8A238E333374B68349510FF0FEC6B843F5F46CE09A2DB176879
Chrome Cache Entry: 187	Web Open Font Format (Version 2), TrueType, length 36944, version 1.0	167E1CF5FED6B58439CAC0F8CBC8B112	6257B8DB5BE9B64AC8DF883BD15F93549BC5FD3A	87A8C06A966031596415B7D116BCDAD5FC51E32B613B386491094A87A0E36714
Chrome Cache Entry: 188	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 189	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
Chrome Cache Entry: 190	Unicode text, UTF-8 text, with very long lines (65464)	1D059A1E91899CAD205E8515BEA97D44	267D30365734958CE77067EB024CAA2B420AF43B	018DA9C0A119691D99F8CF324C5A07665A6E2117A5DD691B06F4C69E171BD243
Chrome Cache Entry: 191	ASCII text, with very long lines (65474)	38596D901C05CDCB1B7DB1F4D6D21BA7	8A86524AAEE7B7462081A6A3C6F9FBCF6174C80A	159C798B7CB0A3F271E179FBFF2D2862394D1F2832F248D6F71802C7F253C04E
Chrome Cache Entry: 192	ASCII text, with very long lines (65479)	6ECE8CF8647F68F66C594FF97FE16702	D72303F3876985C9486B61EA5C680EA6E7CF8AF4	BADEF088CF835FEB78870ED347F2C7515794419F5DAED0BF5C247331399FC55A
Chrome Cache Entry: 193	ASCII text, with very long lines (65473)	0496A964F7644C653415D31FD499388B	2D3AC1D48F2BD9771D17F70FAD25D6BE54C9A7F2	6676EBA7254F48E07B446B828180B7B1EA7BDA2A3018CC01AC48FC88A514FA12
Chrome Cache Entry: 194	Unicode text, UTF-8 text, with very long lines (13545), with no line terminators	1711B6CAC451CFDB8E7EF06DAEDB3279	C413F2ACDD0CDABE881719E8EF54F4B21969F907	386F4FDE9CA6B967C1F9968AAA58E104F05A1F66A592D2E46019954E32CAAD24
Chrome Cache Entry: 195	ASCII text, with very long lines (65477)	3EB98FC30E286B34AE6A699333C2B13C	77C23C14692750726264F041C4A4A5AE8500F342	A32F71A5A80553B0D31399E96A2288F045B600E289446F601D032909AB5B6614
Chrome Cache Entry: 196	ASCII text, with very long lines (65474)	D46761310B3C627CC468F3B845E55ECA	41E1ED698BAF4A8B5228B551175ABA04B1F3D573	ADE7ADA624732E91D0A25FBE9715B4628827176AD5ED40EDA779916A9C15CEC8
Chrome Cache Entry: 197	ASCII text, with very long lines (65475)	5330D2180773E126082327CDE098052B	53699B2260BBD7DE7B5245FE2E3F090D50739096	0F28074F0BEFAC89C11AFAAD402B60838DD059294FF897864A7F98522302F65B
Chrome Cache Entry: 198	ASCII text, with very long lines (65480)	41E01B6FF80BCB6F70560C42BA70E4B2	3D9F34E64011D49AEC791D706FA20081F23E0FF4	DB5A6CDEC9DBB2097BB9101B7BDA2DD023997C508D1172DBF72525F34447C15E
Chrome Cache Entry: 199	ASCII text, with very long lines (65536), with no line terminators	D42BA761AC3F566490C4DBED8BF655E2	9FB2D8D09DE3963BCEBC94795E2EB8F7783EDA10	28C7CE877A4B56A8ACC2838EE8AEA17766B7EE8696E53AF8C50B5F477685BCF8
Chrome Cache Entry: 200	Unicode text, UTF-8 text, with very long lines (65399)	4BCA71B5E96BA1017D2F126850C99835	E48A42C801197D142912941554398979EEE0A639	6B98719775F73C629E39427EDF4D3A67506C6AF5E7ED2C9C80F630A1EE0ED03E
Chrome Cache Entry: 201	ASCII text, with no line terminators	46DF3E5E2D15256CA16616EBFDA5427F	BE8F9B307E458075DA0D43585A05F1D451469182	AF3248D0B278571EFF9A22F8ED1CEB54B70D202B44FD70ECA4CA13A5771CECC3
Chrome Cache Entry: 202	Unicode text, UTF-8 text, with very long lines (61276), with no line terminators	1EF237D0B6617D5D9E82D98839B65753	02560680FCAF4E0465D229D2E2A46F3D81C834BD	5EB2E4375E3E1625F20F5E12F9CF0DDCC854166BB54F942D2F47003D86747AFC
Chrome Cache Entry: 203	ASCII text, with very long lines (65479)	68B7D9CC403C9D5FF3D0C1F9EA0182C2	174DD1E16EB70EF76611B84A7BA30DBF0C4D0380	AACFED7ED783550FAA9FCD616FB323CC101407670E0C2E4EC3F639E9534B9981
Chrome Cache Entry: 204	ASCII text, with very long lines (65480)	41E01B6FF80BCB6F70560C42BA70E4B2	3D9F34E64011D49AEC791D706FA20081F23E0FF4	DB5A6CDEC9DBB2097BB9101B7BDA2DD023997C508D1172DBF72525F34447C15E
Chrome Cache Entry: 205	JSON data	02158C7EC597DCF8272488CDC164BCAE	7BDDD53C23205EC2FD68AF3FBC478B1139DE6C10	10C5330D673728160B092C4A868CAAD2E1EB2BC4E2A4D6EDB3B9CEBF4A3AB35E
Chrome Cache Entry: 206	ASCII text, with very long lines (65479)	CDCA5117242386D7CABB8C5CDEE3F9A1	E79CED8986A52C729CBBD2C876D0DC25C0FFD33D	579901D2E27F2ED03F94DE3602CF3A15EDB7C307E6D0E325E663A8A75C81B036
Chrome Cache Entry: 207	ASCII text, with very long lines (65474)	D46761310B3C627CC468F3B845E55ECA	41E1ED698BAF4A8B5228B551175ABA04B1F3D573	ADE7ADA624732E91D0A25FBE9715B4628827176AD5ED40EDA779916A9C15CEC8
Chrome Cache Entry: 208	ASCII text, with very long lines (65475)	0D0A56254A42D9B0CA24878E2CE733BE	2310B1FA4E2BC3634D32B4EFC3703B05F13C8E8D	81CD50C7970051569C9F82B909C95A90E44A93F765362ED25B28AC4D69085383
Chrome Cache Entry: 209	ASCII text, with very long lines (65476)	084DDCA8EB1D6BFE21F54C9820777876	FD5E045C591FCBAA81F17634986867EBD4D1C2F1	4452E46BDBD44B1E5A22EDFF4FD143DBE233FB66A4752027301E7F8F03FF5587
Chrome Cache Entry: 210	Unicode text, UTF-8 text, with very long lines (65402)	B5D95B131A56925ED34B1CF110473319	92E638C9042CEA3E57F02C110ABF2F76B69E7EE2	D0AE89E960445A175B51BB797B1EBC7E144A775C377900CF4EAB1B239104A206
Chrome Cache Entry: 211	ASCII text, with very long lines (65479)	CDCA5117242386D7CABB8C5CDEE3F9A1	E79CED8986A52C729CBBD2C876D0DC25C0FFD33D	579901D2E27F2ED03F94DE3602CF3A15EDB7C307E6D0E325E663A8A75C81B036
Chrome Cache Entry: 212	Unicode text, UTF-8 text, with very long lines (61276), with no line terminators	1EF237D0B6617D5D9E82D98839B65753	02560680FCAF4E0465D229D2E2A46F3D81C834BD	5EB2E4375E3E1625F20F5E12F9CF0DDCC854166BB54F942D2F47003D86747AFC
Chrome Cache Entry: 213	ASCII text, with very long lines (65479)	6ECE8CF8647F68F66C594FF97FE16702	D72303F3876985C9486B61EA5C680EA6E7CF8AF4	BADEF088CF835FEB78870ED347F2C7515794419F5DAED0BF5C247331399FC55A
Chrome Cache Entry: 214	ASCII text, with very long lines (65475)	5330D2180773E126082327CDE098052B	53699B2260BBD7DE7B5245FE2E3F090D50739096	0F28074F0BEFAC89C11AFAAD402B60838DD059294FF897864A7F98522302F65B
Chrome Cache Entry: 215	ASCII text, with no line terminators	97B958FA75E225CEA6FA3F3E399010D0	4DDFF887AB1D6FFC1678A717F1327E6C0900B9F8	0C909725B0EA7DA9994F16E47A4142783410C5AA25CDD7770F85DC61EB8A170C
Chrome Cache Entry: 216	ASCII text, with very long lines (65473)	735CBA16BF1442C21B8FA8E78AA8E83A	D55ED9608E0C39F5EE38494238BBEECB0A43AD04	6B624BCD118EB8A238E333374B68349510FF0FEC6B843F5F46CE09A2DB176879
Chrome Cache Entry: 217	ASCII text, with very long lines (65472)	88FE5AF93A34045D123F8553A1D1F252	367EE95CE0506BDD13B0F548BC252C49388AE56D	0920ECC552C22FA97C56F9651F5A00048ACA19A90657A7E2470B3A14067C4C9D
Chrome Cache Entry: 218	Unicode text, UTF-8 text, with very long lines (22063), with no line terminators	D2702DCFED567BCA070F8FC55EE3BBE6	13B0C79DBD613889BDD32D6234DAE9CAEAA3CE8C	B530C482126F2B86447E3A7E6F9319C8FCCD071659A3BAF914E8C51589AEF220
Chrome Cache Entry: 219	Unicode text, UTF-8 text, with very long lines (65455)	1B4BEF66080AA287B1D9E5454FB07741	621C5DBABD3ED48B1FA2064891EA257CAE258DB1	484C55D3B30B3EC6E1A967A348DAE66E5BF17DF6AEF6ABBF90D6BD824CBCA983
Chrome Cache Entry: 220	ASCII text, with very long lines (46254)	339B13B91CE8CF7CAD214117EA302B1F	98F3C31699CE0C6516E366AFE421F3D941309A6A	BDF4BB9CE620D4819A9D3FEB0738321607788FD880621C2A21B6DBF8CB711032
Chrome Cache Entry: 221	GIF image data, version 89a, 1 x 1	D89746888DA2D9510B64A9F031EAECD5	D5FCEB6532643D0D84FFE09C40C481ECDF59E15A	EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
Chrome Cache Entry: 222	Unicode text, UTF-8 text, with very long lines (65455)	1B4BEF66080AA287B1D9E5454FB07741	621C5DBABD3ED48B1FA2064891EA257CAE258DB1	484C55D3B30B3EC6E1A967A348DAE66E5BF17DF6AEF6ABBF90D6BD824CBCA983
Chrome Cache Entry: 223	JSON data	2E1E0B28D6E7522CB687E20D37BCD8AA	03D5EFE3719CAB433421C4D9BF6C73E0B8EB69E5	124CE91528D8ACB894BDC980ABDDF035B38CDC64CE13F088D431E0B10D61FB24
Chrome Cache Entry: 224	Unicode text, UTF-8 text, with very long lines (65240)	E43F171E9C550011E58426AF8E55DCEE	05690F9E9154EAEEA378573C4BB0154E8A2BCEE1	34E128838A10E3BC3E8434E9E66C912A9056F635F7B3C0FA04A5E712D30F11F2
Chrome Cache Entry: 225	ASCII text, with very long lines (65475)	0D0A56254A42D9B0CA24878E2CE733BE	2310B1FA4E2BC3634D32B4EFC3703B05F13C8E8D	81CD50C7970051569C9F82B909C95A90E44A93F765362ED25B28AC4D69085383
Chrome Cache Entry: 226	Unicode text, UTF-8 text, with very long lines (65455)	ED5AEEA53278040B2022DEA269DC2B98	293D8B7E49DA38693EA7F73C9E0AD336E7AC6698	411AD512AA6D5DA9360FF398433E0E764F0528263658E8B943E683EF8914A454
Chrome Cache Entry: 227	ASCII text, with very long lines (65476)	084DDCA8EB1D6BFE21F54C9820777876	FD5E045C591FCBAA81F17634986867EBD4D1C2F1	4452E46BDBD44B1E5A22EDFF4FD143DBE233FB66A4752027301E7F8F03FF5587
Chrome Cache Entry: 228	ASCII text, with very long lines (65310)	6888DBD9BFACCE1A14B025222D1C3734	547FF28ED9973F370896B85C7007A5F4891C9177	1EE4DD1DF098A72A60ADA7981AEF2072C4A8FC451D1FEF7096972DE3D34FF274
Chrome Cache Entry: 229	Unicode text, UTF-8 text, with very long lines (65471)	A5C6F208FE49A7152E57B0225D1E43C4	16A0C9BA7221F037FC1D815A2C31454C97EA5470	16F24EE341EA898499A49F63020B3EFB22310552D7BAB39F4058A257BC0C07AF
Chrome Cache Entry: 230	Unicode text, UTF-8 text, with very long lines (65464)	1D059A1E91899CAD205E8515BEA97D44	267D30365734958CE77067EB024CAA2B420AF43B	018DA9C0A119691D99F8CF324C5A07665A6E2117A5DD691B06F4C69E171BD243
Chrome Cache Entry: 231	ASCII text, with very long lines (65472)	88FE5AF93A34045D123F8553A1D1F252	367EE95CE0506BDD13B0F548BC252C49388AE56D	0920ECC552C22FA97C56F9651F5A00048ACA19A90657A7E2470B3A14067C4C9D
Chrome Cache Entry: 232	Unicode text, UTF-8 text, with very long lines (65455)	ED5AEEA53278040B2022DEA269DC2B98	293D8B7E49DA38693EA7F73C9E0AD336E7AC6698	411AD512AA6D5DA9360FF398433E0E764F0528263658E8B943E683EF8914A454
Chrome Cache Entry: 233	ASCII text, with very long lines (65476)	B1017618BAA776FDE10E1ABB9B5576D1	870E1311F1D2A10A119101E906ED1F66AAF4A406	58FCAC9C5EDD67ADE2937263783BF78D9C112BA862501990CFD553B7C0390647
Chrome Cache Entry: 234	ASCII text, with very long lines (6378)	FAE76DAE7784930E96292B65FEEDBC0D	AFFD25E6159BE1645F1FFE8CE4BAFBF8D9710C3C	69B7DBF013D733F4E7A1313102219E1D58DFA5F7D95D2ED590B88D935C8B1E84
Chrome Cache Entry: 235	ASCII text, with very long lines (65475)	5D7E959E6B83248D04C1764F8F6F153E	9CB75E73CEE59773AC7F82C41EC4B11FB6168C37	17C44981056AE13F58B412BEF7B9708B004F7A9A3F8B92366766D01181F9B386
Chrome Cache Entry: 236	ASCII text, with very long lines (65476)	B1017618BAA776FDE10E1ABB9B5576D1	870E1311F1D2A10A119101E906ED1F66AAF4A406	58FCAC9C5EDD67ADE2937263783BF78D9C112BA862501990CFD553B7C0390647
Chrome Cache Entry: 237	ASCII text, with very long lines (32010)	63E2DF852D15AB21D7FF8FC4363222E8	7EE401BA652DB0A4EC960350E17216CDA01E22FB	545156ADEAE44DADC82B98D504F805EBE77FB79C928EF34EED1057BB9D4CB8FE
Chrome Cache Entry: 238	Unicode text, UTF-8 text, with very long lines (65402)	FFB75E11B97C375BAEBE855141776FF5	5F34A78B30542D79231E779ED2B5CB20C5516378	D424A4618DF5F0245EB45D04749D81DB913BA61BEA554B902967C203C004F907
Chrome Cache Entry: 239	Web Open Font Format (Version 2), TrueType, length 37752, version 1.0	35D189800D56A9D8BF3D51299A974C1D	C07153F2F8E97706062A5D5BAD8134F5054D81FE	D414E15B5454A3564168592963F45BC312C13040026AD87450B597EE5DCD11FA
Chrome Cache Entry: 240	ASCII text, with very long lines (46254)	339B13B91CE8CF7CAD214117EA302B1F	98F3C31699CE0C6516E366AFE421F3D941309A6A	BDF4BB9CE620D4819A9D3FEB0738321607788FD880621C2A21B6DBF8CB711032
Chrome Cache Entry: 241	Unicode text, UTF-8 text, with very long lines (65453)	EC10A08ABEEA396244C7C88FFAA5ECF7	29EA05BFC2B2A754AE77DF48FEBAC23A79352C48	E4126A1DD61B9AB0EB21038540041710DDCBDCD5E03C0D7C302F74E25EF34B8E

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

HTML page contains hidden javascript code

Source: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50145 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	HTTP traffic detected: GET /public/share/web-034ada86e7d04d74 HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/spinner.css HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.us-east-1.sdk.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
Source: global traffic	HTTP traffic detected: GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/css/spinner.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALBTGCORS=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALB=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp; AWSALBCORS=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; AWSALBTGCORS=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; AWSALB=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o; AWSALBCORS=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/af15e31c70fab7cfd55c.woff2 HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
Source: global traffic	HTTP traffic detected: GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/4506735163932672/envelope/?sentry_key=0be0069dd70d0ce2c63c650418f56fa6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1 HTTP/1.1Host: o49063.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=y3mFLykAQyD3C3PQ6WWnmMS4ECeIzsdOjjRLYcY+XacKIzBjnMSKhC4UEWpWumbwN2mY7KyNfKxnsnPm1ysF3o3xl8EOUkNXUBM/ZCSTbRK5zhf7WrS3wZ8n3Kcfx8k0qYnJnmbrKvWVUf1llzwsG1zwrCWEYa3vfCFeANqbd74S; AWSALBCORS=d807JVFt9An8+dxzpJiQx2DOFRrO6t7qkXxA64ty4Yf1xGqsBabgHmOW4ax8fToXqDHZ/SBj0E+j32eeRILGlpRCR8iX2l+TAFS9PAm5pcx0e76MkDZjuPvWYTPH
Source: global traffic	HTTP traffic detected: GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; AWSALBTGCORS=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; AWSALB=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; AWSALBCORS=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAqZEabPwUAAAA:ZSRVPJrcZOizJIqkhcDhKwQXl8IKzlc2rPkClyD+O64dkHPseD2P+Gv/qKyc1CeJebbrHwN5OMZPbR4TVrj99k3S7izSM5tCbUazp0BhWSeomiEOziSMlVFZPGprnRr5IaDW7s2QOqGrcB4oP2NT9WlqTfSux7yG0hPUD4V4CLTXLk9BrOBngKXkC1cmRpdmCX2mrPYcfERMJE2Nz1AWf9A=
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/verify HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vhByzrF1ExPNbY7&MD=wgvYytUz HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/50838dcfa76323d03647.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/c3b78c86faf44765071f.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/2df17ec2f6eaff4d4417.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/c3b78c86faf44765071f.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALBTGCORS=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALB=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a; AWSALBCORS=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a
Source: global traffic	HTTP traffic detected: GET /bundles/50838dcfa76323d03647.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALBTGCORS=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALB=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a; AWSALBCORS=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALBTGCORS=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALB=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0; AWSALBCORS=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0
Source: global traffic	HTTP traffic detected: GET /bundles/2df17ec2f6eaff4d4417.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALBTGCORS=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALB=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0; AWSALBCORS=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1216.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=bc4Qmi4y/J4laU0Lu5t5v14nFYP0a4S2FIELR6CItdqIyaW7X6aZ0GI8HrjQD5YIB7U6HNJ+54PIR4qDMiDGQFHy5Zi/9mtPr9le6HwcbFi1emcK9XllTSsWbCH5f6JaByhMHza+mP/kmOC1qxqg2S4h6DGM4nHZwC+Vf+9K1qxk; AWSALBTGCORS=bc4Qmi4y/J4laU0Lu5t5v14nFYP0a4S2FIELR6CItdqIyaW7X6aZ0GI8HrjQD5YIB7U6HNJ+54PIR4qDMiDGQFHy5Zi/9mtPr9le6HwcbFi1emcK9XllTSsWbCH5f6JaByhMHza+mP/kmOC1qxqg2S4h6DGM4nHZwC+Vf+9K1qxk; AWSALB=e2yUD+HARuBx5SyTmNE2Npk/Jq4Aa13j2TWKxwYpYrSPQJlcbhSgnsgaNNKjAKMAuEMLiw5Ef2Q8wCAN5BsUE5D4B/WL/OKDbJDSu05ISYjKrX20peRBi6CCC2WX; AWSALBCORS=e2yUD+HARuBx5SyTmNE2Npk/Jq4Aa13j2TWKxwYpYrSPQJlcbhSgnsgaNNKjAKMAuEMLiw5Ef2Q8wCAN5BsUE5D4B/WL/OKDbJDSu05ISYjKrX20peRBi6CCC2WX
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: CHm_ZIiEBDXTEJ3pvz0RwAsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=orcK3ZOBiSZ74t+hikuMlxbxJhZT0NPvPPUvRnyW11tDqXORUDl7nzTgA5S9dBomPuE2jTGhMppdPZQ5sAjUrqpz/UdalZMdoVoDvTS7shlxqUZFOHKA2l+5MA3W6fanLMmt28ElhEiGyK3m017qxz1OHfIcihq4efw16HDRWN2W; AWSALBCORS=Sn7Ns0dBdHVUSa16v9WXnqjM+SgPQudF5hAgoiuck8BTXz8pq4Jy0q3isuRE/5cv2aj6tK3IM2RV469UW7tsiUZ4Lv3JjQCSeFtFJpNZ3VdF+l5EqxlDDpFJnlVF
Source: global traffic	HTTP traffic detected: GET /android-chrome-192x192.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=hPDRP3NPIwgVdL+kmaPN6saTqGF3xqUZRTo90HniLqyN/GGDmr5VNJY3a/djAysF/tAn6whF6MLpP89hsMNQNXGo0LprIwFSD97ff333q0zVhlNqTeBodUFjF1GU0BoxNgDB+zgMphh2f9wKpFeO/4THiBsHoRTF5BRo/q/vebxq; AWSALBTGCORS=hPDRP3NPIwgVdL+kmaPN6saTqGF3xqUZRTo90HniLqyN/GGDmr5VNJY3a/djAysF/tAn6whF6MLpP89hsMNQNXGo0LprIwFSD97ff333q0zVhlNqTeBodUFjF1GU0BoxNgDB+zgMphh2f9wKpFeO/4THiBsHoRTF5BRo/q/vebxq; AWSALB=+rk5tuNQNblm8+gPvD1woO1VPFCAwkvZBN9e5qgq3Bt3rLfunl3RmtDSARWW1G3BW6E+cvZ09o1KScAK1xpGgfkz8ehqAoe7rc19TMtFv6Rqzj50HkUA/NzfWw9k; AWSALBCORS=+rk5tuNQNblm8+gPvD1woO1VPFCAwkvZBN9e5qgq3Bt3rLfunl3RmtDSARWW1G3BW6E+cvZ09o1KScAK1xpGgfkz8ehqAoe7rc19TMtFv6Rqzj50HkUA/NzfWw9k
Source: global traffic	HTTP traffic detected: GET /nr-spa-1216.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=27893&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74&be=1536&fe=26689&dc=6629&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728877690576,%22n%22:0,%22f%22:4,%22dn%22:38,%22dne%22:44,%22c%22:44,%22s%22:45,%22ce%22:1007,%22rq%22:1008,%22rp%22:1444,%22rpe%22:1620,%22dl%22:1452,%22di%22:6504,%22ds%22:6628,%22de%22:6629,%22dc%22:26687,%22l%22:26687,%22le%22:26699%7D,%22navigation%22:%7B%7D%7D&fp=2168&fcp=2575&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/3aa33bb6fffd83a61c47.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=12&jzb=eJyNj09r6zAQxL_LnhNL_hcnvhVSQiG0hb70UorZWGtHIEtGllNMyXfPOoeUXh69rVazM_P7hrMedHD-SUEJ1evj8_al-lftd4k57Nvd1E6wAKxrN9pwk2CDapVk8TJFVS_zo8qXeZbyVOS4WTebIttIPhm9YfEphH4ohQguoKnRBvLH0U8yGk7oqdGGotp14vYSZ01fQqYZKlyvqFAyU0XGVs6o95-OdjRmAR0FlgWE8g4wj_o_EAZtO2JLrCBbHd7gcgebT7Hvt65Dbfn_Vzs-vdn-EbwhDKOnAcoPcOkq5xXZ2k99IEXsb-CTg3sOsOHhHs8rxpm7xamIpUhkMqOfyQ_azZWSKMllFFe9dwoulytG34tQ&v=2.250.1_prod&ct=1728877719178 HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1728877719179&v=2.250.1_prod HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=orcK3ZOBiSZ74t+hikuMlxbxJhZT0NPvPPUvRnyW11tDqXORUDl7nzTgA5S9dBomPuE2jTGhMppdPZQ5sAjUrqpz/UdalZMdoVoDvTS7shlxqUZFOHKA2l+5MA3W6fanLMmt28ElhEiGyK3m017qxz1OHfIcihq4efw16HDRWN2W; AWSALB=Sn7Ns0dBdHVUSa16v9WXnqjM+SgPQudF5hAgoiuck8BTXz8pq4Jy0q3isuRE/5cv2aj6tK3IM2RV469UW7tsiUZ4Lv3JjQCSeFtFJpNZ3VdF+l5EqxlDDpFJnlVF; AWSALBTGCORS=XPqYdQgAnEP+bRsfGVSfp6wB+V+VNDUj0XBSrZx5XcvmqtVdxBg0dJ3uNfwWy2Jlv/cnlMYWXQAEILBBfXc5z/zyEoGuQq76yYsyM012Kx7nxKwIv7QsNnTIjIBO6IL7C7Df6odW2HcOhk8b1y9rjfIOg6PaWadmgExWeREthN5O; AWSALBCORS=gpnWU12z77cssPEdjRhwSlX3fGeycStZlYmdJan2san4NOh9Zou7O4Axq/oKdr6UeVqe+xnoQrIb34rMXno+cMUMDUHiRqedfqP3iDUtsQp5/VrJ6XY3lM2xPsMO
Source: global traffic	HTTP traffic detected: GET /android-chrome-192x192.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /bundles/b79627b64df3ab63890d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/1c992ae0c14e95098d9a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/b69d9728d2dbe0747c8a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/4229061ac836f0f16eea.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/5be3ba1b444ac539eaf5.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=27893&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74&be=1536&fe=26689&dc=6629&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728877690576,%22n%22:0,%22f%22:4,%22dn%22:38,%22dne%22:44,%22c%22:44,%22s%22:45,%22ce%22:1007,%22rq%22:1008,%22rp%22:1444,%22rpe%22:1620,%22dl%22:1452,%22di%22:6504,%22ds%22:6628,%22de%22:6629,%22dc%22:26687,%22l%22:26687,%22le%22:26699%7D,%22navigation%22:%7B%7D%7D&fp=2168&fcp=2575&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=43964618b2e2cdd7
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1728877719179&v=2.250.1_prod HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/3aa33bb6fffd83a61c47.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=gTJCK7oYnnMJjoE/yHX7KjFVR28suN+eCYHrqwL1XQ1ptqKR2FwIEu5SeAXviL1qxozerliipF19IBzpxDn0ZVxrY8rriog7y5SOuOQ2W/0sRxFo1vCUaCbMQnQQj/qV9X8Pa4/9QN6zjSMA2XVpczm0KQmQ/1qF8XGxLRrbScM4; AWSALBTGCORS=gTJCK7oYnnMJjoE/yHX7KjFVR28suN+eCYHrqwL1XQ1ptqKR2FwIEu5SeAXviL1qxozerliipF19IBzpxDn0ZVxrY8rriog7y5SOuOQ2W/0sRxFo1vCUaCbMQnQQj/qV9X8Pa4/9QN6zjSMA2XVpczm0KQmQ/1qF8XGxLRrbScM4; AWSALB=SaCD9bXk8Choz/3qpR1GM9mcMHu1228BdT+Aa756/VUN4h+vNkNfoWnDVFUElVM4khPU9kMDzPQYquQs0lhx7r2UmM2IRfeGl4ty9xMcSIL8pmAJlToQCuIamzYA; AWSALBCORS=SaCD9bXk8Choz/3qpR1GM9mcMHu1228BdT+Aa756/VUN4h+vNkNfoWnDVFUElVM4khPU9kMDzPQYquQs0lhx7r2UmM2IRfeGl4ty9xMcSIL8pmAJlToQCuIamzYA
Source: global traffic	HTTP traffic detected: GET /bundles/b79627b64df3ab63890d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=8p7loPz8TDNMKcmU/f0V4DOUNvOjq9TR524ybcRjmVUDX6yOk6Oo0hQsQEXRX5acFmowhDR1NgLquwSdSHgsuiY78rhd31Enzvd3uSA+KFMkbgBw5+BP3N97EhzUh+oCCzQGYtxHaJz179hqSLoIJ0FA/AtCTm31aqH0s4AQ4fDc; AWSALBTGCORS=8p7loPz8TDNMKcmU/f0V4DOUNvOjq9TR524ybcRjmVUDX6yOk6Oo0hQsQEXRX5acFmowhDR1NgLquwSdSHgsuiY78rhd31Enzvd3uSA+KFMkbgBw5+BP3N97EhzUh+oCCzQGYtxHaJz179hqSLoIJ0FA/AtCTm31aqH0s4AQ4fDc; AWSALB=G8FCHNNSPiOZ9yQqNipoBxrsfuPehUAzJf+nefqMF0bX/PD28cre+/cP/0UYSNApSAtsxN1/P8GEgYiFkOJ99AtI7C9+dvrugtKiRFMxXqaOhbiAiPlGvfWqmB53; AWSALBCORS=G8FCHNNSPiOZ9yQqNipoBxrsfuPehUAzJf+nefqMF0bX/PD28cre+/cP/0UYSNApSAtsxN1/P8GEgYiFkOJ99AtI7C9+dvrugtKiRFMxXqaOhbiAiPlGvfWqmB53
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.250.1_prod&ct=1728877719176&jzb=eJzVUt1v2jAQ_1_8DMRxPuGNrRObQNtQafdQVdERO8GaEwfHAUUV_3vPhUXtC9qkTVPzFPt8d7-vhydi-0aQGZFc1FYWPRmRrdHHVpjMygorfsLSNEkSf-pHyYgcZCutNpnk2JR9__T15lu2yVYLpu5W5aIv3QDIc93V9vwGCuAxC_1xADwfR1sejaMwwL8kgmlaTJNwSrGnMwof76xt2pnnWW1B5VBbYbad6emk3YERhVRikuvKezl5BymOHg1C4JDGIuE05EmIoxqjm5bMnohWPPsdvO7da8x1p9S_YnpCfAi-thvYfhl22fOBxD0rb42cL5e7al7el7iiMFCJl-ICPv_8mJb5ar9bLo_3cyy2Yt-JOkebKPrWW4G8w2h6Gg2-VsLCNU9jbHxPnl6wut9rcBXUZQelU0DU2d2t0_1CwbVC09zoCmSN9TcwsPVPGBYCbGec6g9EB3GEV2iH6RsruMD5ijwOhs-H9XjFwTpsfuD51GOUOY4HYVqpHSQ2YRGd-Bmy5n89Ma1bci7_0Dzcr9ebbk2l7D68CZQ_BCpK6atAKQ38aqDY-wqU43NhweI4ZZOE_vr8_yQ9KniRPojj0-MzPInJfA HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=12&jzb=eJyNj09r6zAQxL_LnhNL_hcnvhVSQiG0hb70UorZWGtHIEtGllNMyXfPOoeUXh69rVazM_P7hrMedHD-SUEJ1evj8_al-lftd4k57Nvd1E6wAKxrN9pwk2CDapVk8TJFVS_zo8qXeZbyVOS4WTebIttIPhm9YfEphH4ohQguoKnRBvLH0U8yGk7oqdGGotp14vYSZ01fQqYZKlyvqFAyU0XGVs6o95-OdjRmAR0FlgWE8g4wj_o_EAZtO2JLrCBbHd7gcgebT7Hvt65Dbfn_Vzs-vdn-EbwhDKOnAcoPcOkq5xXZ2k99IEXsb-CTg3sOsOHhHs8rxpm7xamIpUhkMqOfyQ_azZWSKMllFFe9dwoulytG34tQ&v=2.250.1_prod&ct=1728877719178 HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide.-323232.1622565221517.css HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/b69d9728d2dbe0747c8a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/5be3ba1b444ac539eaf5.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /io/public/Shares(034ada86e7d04d74)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount%2CItems%2FZone&includeExpired=false HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"tracestate: 3347059@nr=0-1-294030-30142649-9f48823f905290ea----1728877720234traceparent: 00-abada73e58dde84a0e0bff1b72381ee7-9f48823f905290ea-01Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5NDAzMCIsImFwIjoiMzAxNDI2NDkiLCJpZCI6IjlmNDg4MjNmOTA1MjkwZWEiLCJ0ciI6ImFiYWRhNzNlNThkZGU4NGEwZTBiZmYxYjcyMzgxZWU3IiwidGkiOjE3Mjg4Nzc3MjAyMzQsInRrIjoiMzM0NzA1OSJ9fQ==X-BFF-CSRF: trueAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brCookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/1c992ae0c14e95098d9a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/4229061ac836f0f16eea.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.250.1_prod&ct=1728877719176&jzb=eJzVUt1v2jAQ_1_8DMRxPuGNrRObQNtQafdQVdERO8GaEwfHAUUV_3vPhUXtC9qkTVPzFPt8d7-vhydi-0aQGZFc1FYWPRmRrdHHVpjMygorfsLSNEkSf-pHyYgcZCutNpnk2JR9__T15lu2yVYLpu5W5aIv3QDIc93V9vwGCuAxC_1xADwfR1sejaMwwL8kgmlaTJNwSrGnMwof76xt2pnnWW1B5VBbYbad6emk3YERhVRikuvKezl5BymOHg1C4JDGIuE05EmIoxqjm5bMnohWPPsdvO7da8x1p9S_YnpCfAi-thvYfhl22fOBxD0rb42cL5e7al7el7iiMFCJl-ICPv_8mJb5ar9bLo_3cyy2Yt-JOkebKPrWW4G8w2h6Gg2-VsLCNU9jbHxPnl6wut9rcBXUZQelU0DU2d2t0_1CwbVC09zoCmSN9TcwsPVPGBYCbGec6g9EB3GEV2iH6RsruMD5ijwOhs-H9XjFwTpsfuD51GOUOY4HYVqpHSQ2YRGd-Bmy5n89Ma1bci7_0Dzcr9ebbk2l7D68CZQ_BCpK6atAKQ38aqDY-wqU43NhweI4ZZOE_vr8_yQ9KniRPojj0-MzPInJfA HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /io/public/Shares(034ada86e7d04d74)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount%2CItems%2FZone&includeExpired=false HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ZyaxKVc9I8JVUS981o3PXbYzeo/jPNWWNEH3kLuBJDslgonkoGqnf/2Kbs0Z9uBQJz61zMb93nhJ8fnNsNDKHXDCjWk+UhDmTUNF8c8KAWLr7ZqORmMGQgj7GjirjHhxv4ZaxY1dfchWDV+2q98f1NRTkkjUTyUV1yGtZiCA51ZQrf3QZYIBr/pTC2RjUFslnEEj/69lfd1Zh47G0Ka5krLAVOypyYqtz1ulOOnaeM6OED/mff40sqFFYzJtiiMq; AWSALBTGCORS=ZyaxKVc9I8JVUS981o3PXbYzeo/jPNWWNEH3kLuBJDslgonkoGqnf/2Kbs0Z9uBQJz61zMb93nhJ8fnNsNDKHXDCjWk+UhDmTUNF8c8KAWLr7ZqORmMGQgj7GjirjHhxv4ZaxY1dfchWDV+2q98f1NRTkkjUTyUV1yGtZiCA51ZQrf3QZYIBr/pTC2RjUFslnEEj/69lfd1Zh47G0Ka5krLAVOypyYqtz1ulOOnaeM6OED/mff40sqFFYzJtiiMq; AWSALB=O5yaWddrSJnJxkdX9TTjqaC2bj5BFLHJCTCbKtQ4x6hsZ1IHD6aVHD2VOBbPw/0yW1FX1kHGfFwukacFhDGmwveNRmUSnNL8+aBwzUxREaUSrCmUMGk5UgJdFp5D; AWSALBCORS=O5yaWddrSJnJxkdX9TTjqaC2bj5BFLHJCTCbKtQ4x6hsZ1IHD6aVHD2VOBbPw/0yW1FX1kHGfFwukacFhDGmwveNRmUSnNL8+aBwzUxREaUSrCmUMGk5UgJdFp5D
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/af15e31c70fab7cfd55c.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/402b74053d26323596b3.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Items/ContentViewer HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=wxpgc9Xq4NpZcesrKHOSZrd10G3/dNWvLuFYZzxma/GDWsClSRMgguNkdMWD0KgTMX6v9++obBK3YczNPaCkaXzDN7i+Z+PLmxdG9GyX7qka5wQNNfsVCZDlD+fz3iQdx0pnLgwh7ipz2mGg5ksr4InWwbvUZRFblz5mTAOGMQJH; AWSALB=VbUHkpU+HbF7rgCQJi/iM5ZfufzmnmUtyhexcvLWFx88NhDIzJ2JzVOSvgla1kWov10ZOgsNQXM7Co9BqNAQuUbsXm2alZZO7ohHfGQMZD0jnZnlq+T1INFoUJOv; AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Capabilities HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: OfM6-qi4b5_CYiePGaGRAwsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(fi8c6938-d1a4-c0cd-2bbc-70c3a69e272f)?canCreateRootFolder=false&fileBox=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: BtmWnaPo6Nvh2DE1ECO2_Asec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)?%24expand=Items&includeExpired=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: aLoUM51piCvgJITr6OXtbQsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Capabilities HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=xfF3y4E6OkoP4TbrO5wkGsNDsr0kvxcSVkryuj48rqxQE+2ODLO1AH/jwaGaaDFXJd1AmsnEz3IR8uZamcQM6b+X0G3cubFpMcLTrWoJuaZxnwWh3/dcO82x5ZcBn9od8VlRGgNzcfAG2oX8DDqgtaNjalxiZed+TRFJluzNkOc9; AWSALBCORS=LMFgWjwuaLNJJXq6FRedbnPjPEF4jDxU1Wq9OxQ89dvLvOdvkki9YsAoOvVlczktsz2+m/eLnp1HZV0HHKFpe8wc0QXVHsaIUF6V83hQ8z9pnt/ZGuG7cFvzd/lR
Source: global traffic	HTTP traffic detected: GET /bundles/ba7dfd1a6326f1b75478.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; AWSALBTGCORS=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; AWSALB=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; AWSALBCORS=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)?%24expand=Items&includeExpired=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=Sig2JvwyrvjN/KJynvFFnvsDsYzCLRejIBrfq8LCq9/yeXxbC3+pvBwkkeYUyz6bWPjbfVYWE138SYKVUDQr4Bj0UHb+H18OZqdUQLlvKvRqbyX4A46gDPzmsUOuh9PTpg6bDo4Sd+o61yWqiQx/H9a+QQHaciAHu+GclXFoVCcL; AWSALBCORS=yn9glf5WVmugCu0df0ZESxCQrfoVXScbfwQLakhjmkdcMVUydEwUsCPTM7sjL6zuuuCC9dDQmOaBOrm67JJYg4Lg1QrnKUd+A8G19jTv6rM4woqSKX+zaOk2XKie
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(fi8c6938-d1a4-c0cd-2bbc-70c3a69e272f)?canCreateRootFolder=false&fileBox=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=Sig2JvwyrvjN/KJynvFFnvsDsYzCLRejIBrfq8LCq9/yeXxbC3+pvBwkkeYUyz6bWPjbfVYWE138SYKVUDQr4Bj0UHb+H18OZqdUQLlvKvRqbyX4A46gDPzmsUOuh9PTpg6bDo4Sd+o61yWqiQx/H9a+QQHaciAHu+GclXFoVCcL; AWSALBCORS=yn9glf5WVmugCu0df0ZESxCQrfoVXScbfwQLakhjmkdcMVUydEwUsCPTM7sjL6zuuuCC9dDQmOaBOrm67JJYg4Lg1QrnKUd+A8G19jTv6rM4woqSKX+zaOk2XKie
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/launchrequest HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/2efeefafc2bb68a97d33.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/ba7dfd1a6326f1b75478.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/b5bef5c91ec3b83469e0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/d178f6eceb0126b1e292.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/22a601d65471e8503ea9.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/2efeefafc2bb68a97d33.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=x16qaIInvx2BtSxEM4GX9dtD9ogmLHMhv6g4G6m1Prxk9PJkMmpfnIYGGJ8YPzGLHNR8Zwt54KOTF4dcw4P3g/T/95mrqFPmcNxDPvt1xeJqRMTkv1M2EZznMa+zlgbXYN9caabEKQ1lK8r9DX/mnrvBvTcaXlDqVeIiRSL2z8dHcNEitGlgvD6o2QqZOoOcrsWFokgV+MzxD49WDpknt2De6s4aNIil5iVbQtDVZIi/cxtSE27x0tmr8tdE6Hza; AWSALBTGCORS=x16qaIInvx2BtSxEM4GX9dtD9ogmLHMhv6g4G6m1Prxk9PJkMmpfnIYGGJ8YPzGLHNR8Zwt54KOTF4dcw4P3g/T/95mrqFPmcNxDPvt1xeJqRMTkv1M2EZznMa+zlgbXYN9caabEKQ1lK8r9DX/mnrvBvTcaXlDqVeIiRSL2z8dHcNEitGlgvD6o2QqZOoOcrsWFokgV+MzxD49WDpknt2De6s4aNIil5iVbQtDVZIi/cxtSE27x0tmr8tdE6Hza; AWSALB=LG7g5kC8FH89p4hEKIyVNIwVanCGbt8gZQHQlFgldNJzss+YLmfYPlDOgk67I8+AHveCkfP9V4msM3L3Gm/t2HR5k80NaonCPjA3tA4QbXRGPfFjZdXn4sfjdJQI; AWSALBCORS=LG7g5kC8FH89p4hEKIyVNIwVanCGbt8gZQHQlFgldNJzss+YLmfYPlDOgk67I8+AHveCkfP9V4msM3L3Gm/t2HR5k80NaonCPjA3tA4QbXRGPfFjZdXn4sfjdJQI
Source: global traffic	HTTP traffic detected: GET /bundles/22a601d65471e8503ea9.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /bundles/d178f6eceb0126b1e292.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /bundles/b5bef5c91ec3b83469e0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/d8fcf3851ba79b1d138a.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(st34081c-405f-4373-86dd-16fb3f758152)/ProtocolLinks(Web)?action=View HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: yJCC6CGTogsUIuqqaTVhRQsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; AWSALBCORS=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7
Source: global traffic	HTTP traffic detected: GET /bundles/2c61db7618456a4b4ea2.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/d5a7899d41651404accd.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/102a12cf4db82175eb4a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/5626aad50bfaf67fedc0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/2c61db7618456a4b4ea2.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=+A2fjqLjTOw86TLD8ElS6l+lerZDExnviPCzpv+eTq08xLmjKaWGAKF0Q7/Mg3h8MnmSPtUnGhCth7SjHVVUrK+HR11KVFuVQKSqppO1nNVPkjkZq9LE37zoFhBPRrfjm8RlqqYW3NMtLtIbWpYykIB/YwoPH94Zw3axSBSQSzGmqpklPrS1srnrtoeVnTh/AUvn6+92+WS1qdNkAtnyLay0PINaKB7FE9dN+8FQhv/gZhVFatKnlba4Pdz1y23l; AWSALBTGCORS=+A2fjqLjTOw86TLD8ElS6l+lerZDExnviPCzpv+eTq08xLmjKaWGAKF0Q7/Mg3h8MnmSPtUnGhCth7SjHVVUrK+HR11KVFuVQKSqppO1nNVPkjkZq9LE37zoFhBPRrfjm8RlqqYW3NMtLtIbWpYykIB/YwoPH94Zw3axSBSQSzGmqpklPrS1srnrtoeVnTh/AUvn6+92+WS1qdNkAtnyLay0PINaKB7FE9dN+8FQhv/gZhVFatKnlba4Pdz1y23l; AWSALB=QGk2uwYwfqmh/AjkwCC5vkqzkflxWoKoRx4vCl5Xl5SGEKbpxtO76jKV4icYA5AP+jLtwA/EBgwLqcGZcdfeOt5RnBNC7Ex4HTwYtyQwIvxlObquEbNLlJcmZV4t; AWSALBCORS=QGk2uwYwfqmh/AjkwCC5vkqzkflxWoKoRx4vCl5Xl5SGEKbpxtO76jKV4icYA5AP+jLtwA/EBgwLqcGZcdfeOt5RnBNC7Ex4HTwYtyQwIvxlObquEbNLlJcmZV4t
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(st34081c-405f-4373-86dd-16fb3f758152)/ProtocolLinks(Web)?action=View HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; AWSALB=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; AWSALBTGCORS=GjU2WKE7tsYadO8WlR65Mx8Kdy5ZjskqtT/EZUM6dIewFAbbexoYpcivGWfmDosfGBMA/dZj3a1ov8bsXpVQlrubt595y/QkLWwQwrJRVvwAiNmbnLiMmVGjG/rzP24TR2TzjQiJL5MEXGUT84/SY7qtgnxIb7xBKpEmPgzxnB1J; AWSALBCORS=f+mN1soxfbyDbskKBxrAz1MJtWyX1PygaX+BucGlsxF9hm06LdMbSpoXxxuaO/eLvjrI1XLIgh3dWeghW0GFB2AmZ1m9KdQEo4lS9BVhbbc+OpspQdtpfKfUStk6
Source: global traffic	HTTP traffic detected: GET /bundles/5626aad50bfaf67fedc0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALBTGCORS=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALB=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud; AWSALBCORS=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud
Source: global traffic	HTTP traffic detected: GET /events/1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=37896&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=43964618b2e2cdd7
Source: global traffic	HTTP traffic detected: GET /bundles/d5a7899d41651404accd.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALBTGCORS=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALB=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud; AWSALBCORS=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud
Source: global traffic	HTTP traffic detected: GET /bundles/102a12cf4db82175eb4a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=RTgXc3I0txfyFHWTpyUu6iR5y1qokCcuGaXkgpcytfyhgYIvBzlcs0wyN7JeZkjyf4t6NiKpr95T4KpPe5+CgE7YstMvmdY9xKjDp/EklgPQQu4XMRKV2oh98I0WYuMF8yJFc8UviLRumKA+MkNxVSqiC7q281GjZRhLY/URMbzhcWlA6MdcgL+G5uEsTb+evVFAkTH7duDkvTpaytxYBRJVuRATiqt8TLzBs968wy0lBSaJ46IaldErKyFn8HMd; AWSALBTGCORS=RTgXc3I0txfyFHWTpyUu6iR5y1qokCcuGaXkgpcytfyhgYIvBzlcs0wyN7JeZkjyf4t6NiKpr95T4KpPe5+CgE7YstMvmdY9xKjDp/EklgPQQu4XMRKV2oh98I0WYuMF8yJFc8UviLRumKA+MkNxVSqiC7q281GjZRhLY/URMbzhcWlA6MdcgL+G5uEsTb+evVFAkTH7duDkvTpaytxYBRJVuRATiqt8TLzBs968wy0lBSaJ46IaldErKyFn8HMd; AWSALB=qeHYg8TQc/qqCR/L1izQVzwAJHPNUh81iM4G7N1zjCHQqnUpqGKXbkqN+QS0wPYAAb/i4P7jXuSRHKuQ01GgzwrhAal2NaayxDyi81VjmXqwgrlJOtiF4t3xdJcb; AWSALBCORS=qeHYg8TQc/qqCR/L1izQVzwAJHPNUh81iM4G7N1zjCHQqnUpqGKXbkqN+QS0wPYAAb/i4P7jXuSRHKuQ01GgzwrhAal2NaayxDyi81VjmXqwgrlJOtiF4t3xdJcb
Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/document/sessionurl HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/rendering/api/render/pdf?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..wBHWk1CNe89dCPJRGExwKw.CY6l7d3Nj0WXD1dcs7ZlVMjtDDZxf3VOd6QicS-ILNnpgjfbh6J17VHTd_-C2W2stMXuGr5PaX7B3viha_YTk_VNyqaTO1fMQnmC1XChl2hEkOdjQkKVwQbmqCkLERGpx71Gj3d-SG6mOEu4dCcMgGnWSPqg5pPF700wjpBnIwVRya42ek-3md4yRzmlDD0Em98WEvzRWwxNyf5N-AU_HnDwO3vvBy5-ZlsUhx9ba-DocmowGu5-WmMrGGLSEsrySFwxK3dmKZgKVyAS19AqfhXMV8a4oxSsHWeyc3_7UnhXT8Y56clfETyeibuSnvfulKzbwd10e_SlE8LFVMsQUSb0fc1bzD7QlMPm0bdiMLEvO8YMCLhmGA8zgENEm0e1_glNWnvSS6dmEdBEQ8Uqb537KQCiEJjGzcOVn2gPY8-4fzwdsrDGMSN7mMsBNB78hopsPkOXcWJEgDgeN_C9IOHyc9Yxb5CByurTrj0lqBwIp7aX5wuLtWO_NhEnVrJChig2ad5sHv5yVLlPQV4tD9hrNDOmNZgtbFX5bA8Xux-jHoxsY7Jy3L4JlEM5wJB_VS39ESr4VSwo5qH1dqHImWEJt-6TnMN0TKfb8vuD4mSOspHtD9ZrUIn2y-wcy_J0lJ3D0WRG5q1Lh8vFRBo2u6SuZiFyr-cKc3euo7lwyl0WYOLucFGIMysFDruUe0M3P9PWTz4XtUr7S7Ggikr5ov7OH74Uoq6prQfjvAdnrl5ISXJIo89jt567tIOz6R_MfXuhwcNy3q8vnJJ_kDisvly0gpP4PPcDoooLLVAGSILvwridOpr2WR3FyMtRUdpU-uu3GgVKhPYO_BNQMj7mUPUi05SkckmP6CloUQ9wPF1s7mLVvu_ZdWz4qoB0OiQnEB3Y5EbIhcisrUHrTxV59hHXL6sgGfiWtuPskb7P51eW7zOmh6zIGm44qL-C_pWDXp4ZW-GK4F7VThLRTwTeBQGx7mfsGjNywW1hZEyWNvMj63yEofqYTJdq14jTjHgWtdj2wALMvzIQxeXDmSpjsP0D4OrH094g0R-a0afGfs9L5cGr03kPxZOJe08qau7h62T2OX6G9Jpt0Ns86_Q4HKoVEB0j6Wmrz4pVMQ_dcj8vOieEDVzkGZpvPC-4t5Xeq8vkIFeuIDfyerFyUdxMH6wIJWK2gS63f39iQUdLIQ7K0RdTKCXqgp7qKEL1Gd-nT8_jbXfMPgDtC7UMMNlCLk92Eknw6pYF-TVFyMLsHdTQVT53faHRoNHkr86eZ4Aq85FZOKbHF0ECp4q5s8fF8UC0A42I2zr8fwlkIh4pn4WGraTdTHvvZsPFTPEXJZF40x7w-PH9Fhr-JJdJnAHIXNDNRx6xmPQJJxdbAKbkCc9BSHJVGJxFeHPdx0BEdFqH9EYEsCZv45T6mq_GGg-sqO-cT81JQxPhv33TnGoJ_3jVAGke-IFR6jxsuLCXvnEmOSDeBKziAl6FxEB6v19Q36HAAG3QTOgpPaS9aKcrZ5HmewuE753gYF_45kKzHf70fiaBwUGJkwaCXbWOweBfHl1tMwVu-N143611OhtnSAQkR5HSlVVuuyxsw-96IohDvOnpZjeXFbvkoKIxnnnkmards1YTt9Z9TKScu3xCv-2n-CiWA2rqSHhyl6x-MQCZVYiXNiPl7d3qJHdJtGX1KevhNfExF2UgicV8pkLNl5fNLHsdFWJ7XgeNLcU4B1AOcSxBu1LwJisjdfcPdiORcKIoxYN94vdfEpf_gMmKupMo8GKkEgE3oi-JObTd8i2d_7by2REBwWVNb7w0ThX9fLNzYr4D96fOpJF3Q56OZq0kDOS_iwFpmsm3BNM6q9jd3fPfk5VsupvmsGCXJaPBMg.GnpfxIAvhbLpGGhEyBCjig HTTP/1.1Host: sf-renderx-us-east-1.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=EQw0OdL9m80Nc181bg3cIrXOyD0i3CL6NIa0XAoxRWuxAgZmxIvpaZUVtQF9C7oq7R8X6TE4dfOr6Za0pDmqba1+5+AEKMZ4hbf8GALtRfiGfjB4xTZB3vFJr18K5k0i9lOSLQ5dtm32Q4r5PiQ61pj827q7vywfZ8rO0Dt/BohtnCRdMzsx3Ta9dwNfkwACA/sJRza703aiIW6yGiH2xfwi6j4GYac29vDq4d5VVuNJFj6y8ItrP1nf9ycfrBeC; AWSALBTGCORS=EQw0OdL9m80Nc181bg3cIrXOyD0i3CL6NIa0XAoxRWuxAgZmxIvpaZUVtQF9C7oq7R8X6TE4dfOr6Za0pDmqba1+5+AEKMZ4hbf8GALtRfiGfjB4xTZB3vFJr18K5k0i9lOSLQ5dtm32Q4r5PiQ61pj827q7vywfZ8rO0Dt/BohtnCRdMzsx3Ta9dwNfkwACA/sJRza703aiIW6yGiH2xfwi6j4GYac29vDq4d5VVuNJFj6y8ItrP1nf9ycfrBeC; AWSALB=rGsH05G0IIwdTb88bC4HQtGedx7lCd9o91QVPeygY17WNsZsTy+Sdhwtm18HxUu//LoFBfMr0lcylYkPrxB1OOXkGJjBIBRUJzKiLxyLBV7Vnu/ZjZzWuAm/j3G9; AWSALBCORS=rGsH05G0IIwdTb88bC4HQtGedx7lCd9o91QVPeygY17WNsZsTy+Sdhwtm18HxUu//LoFBfMr0lcylYkPrxB1OOXkGJjBIBRUJzKiLxyLBV7Vnu/ZjZzWuAm/j3G9
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..B2aVGXdwQELWM5zpldm8RA.D0SqzqVCoVEmm5nrmtYRUpSxdvbkV-kozB2t42aKeolSvyFtvpL4Cf-lc7ykmn3be3zVhmiD5nxrQgfbT-LEZmrye-Ik0Qk8jenFcr8YNFB4V8w8ullDnKE5g9LncYoUiiDzJVD6ljxN_jfPafXZdpzLi8P75TUzvPuB0I8nCuFP3iEizpTm8E-KLBnhvSnFpQbNMnoZfW6jU0nnOi63SWrV8LsRLHFAmUEVDhi0AEm7JOY-ooGhP-6DDALy9ojky8gslV_kRkPZ8vHXSBATUHP4V3ZIq2FvKiqQ1FPaGMmq9ofN4LMlsmq6Q9VZqtXy89BYadpZer4YyqWCP3D33Efd1YMn-mOILPlb5lJfHZvCV4qe7g3zaZS60HDVR64QSCVQnQnGB4ge-149oY2CAKYx6iANfCOXmZDXzLdgUihGleEYEPr5TNRr1SKTiow7.oii1bhU1Lby7x5CKv1nKlQ HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=14mRXilXSw/R+HLkK++/PeEnaw4h7tU470KfUxCtTMEAtycxewuZ1qoxqU3nLkfZiiJOv2PWXL2mDHrvRGKQFhbzTN88yWY+Oi9S76Z8xXSB6ET/MXU5nkJ0bnThVNPw1tMqGv4rtxVH4tso454Ye+0N0fqfsFWqIbI7q1pE2E85GdAL4q+m9AqKRZzEPLl/DGT56UgGCyBmXrxQRgwOZjFhYSIIlhvvSSMifLcxrBqbEG416J7TCD24nkSSWs/9; AWSALBTGCORS=14mRXilXSw/R+HLkK++/PeEnaw4h7tU470KfUxCtTMEAtycxewuZ1qoxqU3nLkfZiiJOv2PWXL2mDHrvRGKQFhbzTN88yWY+Oi9S76Z8xXSB6ET/MXU5nkJ0bnThVNPw1tMqGv4rtxVH4tso454Ye+0N0fqfsFWqIbI7q1pE2E85GdAL4q+m9AqKRZzEPLl/DGT56UgGCyBmXrxQRgwOZjFhYSIIlhvvSSMifLcxrBqbEG416J7TCD24nkSSWs/9; AWSALB=Wefp3cyip/4Up1QfQXkcVHTyrClaOzcz/Tr7ksj0L1GT/ceL6ZVSC0rMuqLeLkL6K0JuIviJKdrVSoQrpnSw1C/gg9GQsVHrifEtHuAQSA9uUB9Ub7ZWRuIyMl30; AWSALBCORS=Wefp3cyip/4Up1QfQXkcVHTyrClaOzcz/Tr7ksj0L1GT/ceL6ZVSC0rMuqLeLkL6K0JuIviJKdrVSoQrpnSw1C/gg9GQsVHrifEtHuAQSA9uUB9Ub7ZWRuIyMl30
Source: global traffic	HTTP traffic detected: GET /renderx/RenderOutput/afad6241-3adc-5bd5-543c-575a98f97490/VOWithPDFSecurity/e83bb7643ac0d1f4099d27743cdd3d54?AWSAccessKeyId=ASIAWSHYYC7R75LXCNRK&Expires=1728881033&x-amz-security-token=IQoJb3JpZ2luX2VjEHQaCXVzLWVhc3QtMSJHMEUCIQDnk%2FZ8CbYRQfmJwKy5mPChCIbntDEGyVmTtSvRrIcf1QIgCD2NZaySmsfu7BDk5%2Beso%2BeZRKAmXAQ2UK3jYO6T4T8qxAUIzf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw0NTE0OTMyMzg3NTUiDAlDstNqU3YZiK0l5SqYBT3%2BnPrVb6W8GMOilWEXz0CvsOcvj4ECjP%2FOpyUj6oZ38kBOpd8otv0C8oGuPIaBMXOcuXTtdQ6R70emC%2FQB%2BGF4GCc3IlYqOqXwZtzvvUXsLKMDa1F7LRegzKhu8zPWQ3v%2BDJ0GZC0NguzWJ%2Bx0%2BW%2BYxuaxR6vYmLo4ltBi1V4WDOFAxYdeLsZi7qEtrOmS03Ab%2FsH%2B3fOQD%2F6XTwzRdlgGeTGewYzLpWZQ1JQYlHufgB4EfSTZsYBjTOIFQOFYJhTTMY7s%2FnxLUCaS1gKDrirHoM40H1xjkN6q5ir%2BmPq2wnCHQLe%2BknkcVcYA3kk9zfEp21SRwAubw2YfBN4jvWZVdaXjzBgs52ppW2MkgQFIC%2F%2BLx9ugW1ciwApyYg1tMY5fzXi9Ucg6L5WMybpf8eqNU4uOsgs8xElmAIuD%2FSTxzQ6p6X%2FdVorutpCn%2F28lq%2BuB1ghD8s5uPVkYFC3wtwdeZaxOuuEz5ErbCYvHBZa59UkuntR8V9MIR%2F7rUPurqDC681RjALoDHf7DQtMORpK3V5%2BqXsUenZ3Mf2s23kkjZXrv2NsAxb9sEUk7GWnISfuoqA4KL8NOm9%2BmWjWg%2FWodBKyU6nSFhzYZMoieIKHr4q%2FQnWo%2BvN4U1HuI9wLI2o%2BhvcHQSLMDMOsbLKksgmVte3f%2BuXbwEPPiAGvDvVVZoghLs4O1F7m6hGy63I1a8vNpIThQFLLAAuiZyUPKHcgae3Uq6w%2F0MzyRiI5GqH6p019f2XOzb8RVT7THOB7GTX2DvbRA6wMgLbc6fHmZEAeL5hvvnO%2F8CklAicOdAnXhzGev3VDwN9rVfW4mQ8675XFGGvIWiCjbEGtF164PDHhx%2BvOYsH%2BgI81EP7TW2DQMOdZuUQx8khcwj6OyuAY6sQHxED0aJ%2BoPWgJOCvdJpG763MHSJ8w9%2FpI%2BCjl7WG8jAhQDRztFA%2BeEV1vn5R1QKMOMEQvnw3wks2HwX4KUZkVwE5AiJXrxZ3VzSANCz1Rwj92BK4g%2BHEmfbi7XL2wBP0zPsWQK6hsputES8iO1FzDwgrYJJQjpdRnXmShAywETrA653H5NEXiXrosGNaafqR3c9HpGH2jMHi49AIH9KhervS6INrPAvl9GSWse%2FBq%2FwFQ%3D&Signature=TaN9mgZypC0IQyoasiIGJJ2uIUY%3D HTTP/1.1Host: sf-temp-us-east-1-production.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: identityAccept-Language: en-US,en;q=0.9Range: bytes=0-65535
Source: global traffic	HTTP traffic detected: GET /renderx/RenderOutput/afad6241-3adc-5bd5-543c-575a98f97490/VOWithPDFSecurity/e83bb7643ac0d1f4099d27743cdd3d54?AWSAccessKeyId=ASIAWSHYYC7R75LXCNRK&Expires=1728881033&x-amz-security-token=IQoJb3JpZ2luX2VjEHQaCXVzLWVhc3QtMSJHMEUCIQDnk%2FZ8CbYRQfmJwKy5mPChCIbntDEGyVmTtSvRrIcf1QIgCD2NZaySmsfu7BDk5%2Beso%2BeZRKAmXAQ2UK3jYO6T4T8qxAUIzf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw0NTE0OTMyMzg3NTUiDAlDstNqU3YZiK0l5SqYBT3%2BnPrVb6W8GMOilWEXz0CvsOcvj4ECjP%2FOpyUj6oZ38kBOpd8otv0C8oGuPIaBMXOcuXTtdQ6R70emC%2FQB%2BGF4GCc3IlYqOqXwZtzvvUXsLKMDa1F7LRegzKhu8zPWQ3v%2BDJ0GZC0NguzWJ%2Bx0%2BW%2BYxuaxR6vYmLo4ltBi1V4WDOFAxYdeLsZi7qEtrOmS03Ab%2FsH%2B3fOQD%2F6XTwzRdlgGeTGewYzLpWZQ1JQYlHufgB4EfSTZsYBjTOIFQOFYJhTTMY7s%2FnxLUCaS1gKDrirHoM40H1xjkN6q5ir%2BmPq2wnCHQLe%2BknkcVcYA3kk9zfEp21SRwAubw2YfBN4jvWZVdaXjzBgs52ppW2MkgQFIC%2F%2BLx9ugW1ciwApyYg1tMY5fzXi9Ucg6L5WMybpf8eqNU4uOsgs8xElmAIuD%2FSTxzQ6p6X%2FdVorutpCn%2F28lq%2BuB1ghD8s5uPVkYFC3wtwdeZaxOuuEz5ErbCYvHBZa59UkuntR8V9MIR%2F7rUPurqDC681RjALoDHf7DQtMORpK3V5%2BqXsUenZ3Mf2s23kkjZXrv2NsAxb9sEUk7GWnISfuoqA4KL8NOm9%2BmWjWg%2FWodBKyU6nSFhzYZMoieIKHr4q%2FQnWo%2BvN4U1HuI9wLI2o%2BhvcHQSLMDMOsbLKksgmVte3f%2BuXbwEPPiAGvDvVVZoghLs4O1F7m6hGy63I1a8vNpIThQFLLAAuiZyUPKHcgae3Uq6w%2F0MzyRiI5GqH6p019f2XOzb8RVT7THOB7GTX2DvbRA6wMgLbc6fHmZEAeL5hvvnO%2F8CklAicOdAnXhzGev3VDwN9rVfW4mQ8675XFGGvIWiCjbEGtF164PDHhx%2BvOYsH%2BgI81EP7TW2DQMOdZuUQx8khcwj6OyuAY6sQHxED0aJ%2BoPWgJOCvdJpG763MHSJ8w9%2FpI%2BCjl7WG8jAhQDRztFA%2BeEV1vn5R1QKMOMEQvnw3wks2HwX4KUZkVwE5AiJXrxZ3VzSANCz1Rwj92BK4g%2BHEmfbi7XL2wBP0zPsWQK6hsputES8iO1FzDwgrYJJQjpdRnXmShAywETrA653H5NEXiXrosGNaafqR3c9HpGH2jMHi49AIH9KhervS6INrPAvl9GSWse%2FBq%2FwFQ%3D&Signature=TaN9mgZypC0IQyoasiIGJJ2uIUY%3D HTTP/1.1Host: sf-temp-us-east-1-production.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: identityAccept-Language: en-US,en;q=0.9Range: bytes=65536-99256If-Range: "102f2460e4fd2bff54305335f7318409"
Source: global traffic	HTTP traffic detected: GET /bundles/2bd6acf87747a8fbd76a.gif HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=9sWw/ESRXXdl6oiPBnoOonakZ1ye8nIuxWehEndVWlRi79uKFa6mEWYY1jttk2ElyoWT0kvRlSK8zEbezgknO8VMYeTWytpdqjBQuh8DaGSXQoWiHms9MkqvVcsIK4pNDkJzG9E90KpJ82To1+uI0Lg9nQO1ArCe1qF8wq49Gm9ERpHCZtB1dJEAqjwEbZPyMjCwzQtuMes6goj3+TGsas6TYd4otK8Habl9IIPvIq3n8qR5ZZN3Tsy3HivOpKGN; AWSALBTGCORS=9sWw/ESRXXdl6oiPBnoOonakZ1ye8nIuxWehEndVWlRi79uKFa6mEWYY1jttk2ElyoWT0kvRlSK8zEbezgknO8VMYeTWytpdqjBQuh8DaGSXQoWiHms9MkqvVcsIK4pNDkJzG9E90KpJ82To1+uI0Lg9nQO1ArCe1qF8wq49Gm9ERpHCZtB1dJEAqjwEbZPyMjCwzQtuMes6goj3+TGsas6TYd4otK8Habl9IIPvIq3n8qR5ZZN3Tsy3HivOpKGN; AWSALB=oJqzyb8cW5dhKRMD8jiSGs0zNGEpeNyGnJ95vprX2IlN5mEhr4UViaBU7H7+V40abW6SmvJ96bwRXCrooPa08Xo72t+oxaidjQRnQxBVnesaF0RLzlwnrW69aUj9; AWSALBCORS=oJqzyb8cW5dhKRMD8jiSGs0zNGEpeNyGnJ95vprX2IlN5mEhr4UViaBU7H7+V40abW6SmvJ96bwRXCrooPa08Xo72t+oxaidjQRnQxBVnesaF0RLzlwnrW69aUj9
Source: global traffic	HTTP traffic detected: GET /bundles/2bd6acf87747a8fbd76a.gif HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=gxdvGGMpfhFLzuDO1J425KwL+KZcAf16E0Krpt55hr+vYZWA8azQtVIrZviksIRjUkqgQ6eCB8taAmaLZZQJgMeV0kgIDbfjoWuLCcOY9QL7aC8f6/xYupB8aA/03fA89IcVPvGCi3NMou3nGWsE8+9kWNqjLl2vYe/umvLH++Kx+6VyKVcgcZZXFNca5fzF/o03sWVWpXlRf1iAQofdLoeS0/9g2uxJ8wosKy1v7sh5vEhzYVUcR2lQ9cxqg7pC; AWSALBTGCORS=gxdvGGMpfhFLzuDO1J425KwL+KZcAf16E0Krpt55hr+vYZWA8azQtVIrZviksIRjUkqgQ6eCB8taAmaLZZQJgMeV0kgIDbfjoWuLCcOY9QL7aC8f6/xYupB8aA/03fA89IcVPvGCi3NMou3nGWsE8+9kWNqjLl2vYe/umvLH++Kx+6VyKVcgcZZXFNca5fzF/o03sWVWpXlRf1iAQofdLoeS0/9g2uxJ8wosKy1v7sh5vEhzYVUcR2lQ9cxqg7pC; AWSALB=M5rSIczDNDa5CdD7PaH/erZ4i1SsKjk4Y65BfCZNgWFKfKqxzFMtERwqSve5Ej0zfggllBf55y+WdTTnRkp2BKwHy2DPmd5izjSEAvgTZS4ZoEkgOcT/cHgxFAXU; AWSALBCORS=M5rSIczDNDa5CdD7PaH/erZ4i1SsKjk4Y65BfCZNgWFKfKqxzFMtERwqSve5Ej0zfggllBf55y+WdTTnRkp2BKwHy2DPmd5izjSEAvgTZS4ZoEkgOcT/cHgxFAXU
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vhByzrF1ExPNbY7&MD=wgvYytUz HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: totalcanterbury0.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: 0093b71e39a6.us-east-1.sdk.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: app.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: totalcanterbury0.sf-api.com
Source: global traffic	DNS traffic detected: DNS query: citrix-sharefile-content.customer.pendo.io
Source: global traffic	DNS traffic detected: DNS query: piletfeed-cdn.sharefile.io
Source: global traffic	DNS traffic detected: DNS query: o49063.ingest.sentry.io
Source: global traffic	DNS traffic detected: DNS query: events.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic	DNS traffic detected: DNS query: citrix-sharefile-data.customer.pendo.io
Source: global traffic	DNS traffic detected: DNS query: sf-cv.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: api.ipify.org
Source: global traffic	DNS traffic detected: DNS query: sf-renderx-us-east-1.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: sf-temp-us-east-1-production.s3.amazonaws.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:42 GMTContent-Length: 0Connection: closeSet-Cookie: AWSALBTG=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/Set-Cookie: AWSALBTGCORS=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/Set-Cookie: AWSALBCORS=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, must-revalidate, no-cache, privateContent-Language: enExpires: 0Pragma: no-cacheReferrer-Policy: same-originX-XSS-Protection: 1;mode=blockX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=16000000;includeSubDomains;preload
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 14 Oct 2024 03:48:44 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeSet-Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/Set-Cookie: AWSALBTGCORS=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/Set-Cookie: AWSALBCORS=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, no-cacheContent-Language: enExpires: Sun, 13 Oct 2024 03:48:44 GMTCitrix-TransactionId: 0566a1b3-6677-4c75-88d4-2a34517cd8c6CorrelationId: xgsWBdW7mEevpIzZHzLkjQX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-Frame-Options: DENYX-Robots-Tag: noindexX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: DNN0Ui6hQ0alOxcagJKHAg
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:45 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=IKkkxKiUZumvHyzweT2xwumU282RfzaJLGW9d8pylLdjldlkdbHHaz3Wb4Rvxj18NVqDOblnRsul09d/y4GtLEVBPmzFJn/rkDZ8v84iAaunuJEQwjN7QzlESgtK7y0LmAN38WINkU1ltfiLkUlo58z+cdAQIC9thgMsCDOvPvDj; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/Set-Cookie: AWSALBTGCORS=IKkkxKiUZumvHyzweT2xwumU282RfzaJLGW9d8pylLdjldlkdbHHaz3Wb4Rvxj18NVqDOblnRsul09d/y4GtLEVBPmzFJn/rkDZ8v84iAaunuJEQwjN7QzlESgtK7y0LmAN38WINkU1ltfiLkUlo58z+cdAQIC9thgMsCDOvPvDj; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=oKk6+htFu9xyIfzS/9Q0tgHXpH6LjF7d6D1fDvhlsOxcY6iXPgY5H7qUcTDQQgekd+iTMI0e/bGZFL0V30Oa5JoAnb4CbZvg2QB1Trycn8CIskKvjNbK1XUTWvyF; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/Set-Cookie: AWSALBCORS=oKk6+htFu9xyIfzS/9Q0tgHXpH6LjF7d6D1fDvhlsOxcY6iXPgY5H7qUcTDQQgekd+iTMI0e/bGZFL0V30Oa5JoAnb4CbZvg2QB1Trycn8CIskKvjNbK1XUTWvyF; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/; SameSite=None; SecureCache-Control: no-cache,no-storeExpires: -1Pragma: no-cacheX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: ZV76AU7iEUq1u7PWgYnafw
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:46 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/Set-Cookie: AWSALBTGCORS=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/Set-Cookie: AWSALBCORS=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/; SameSite=None; SecureCache-Control: no-cache,no-storeExpires: -1Pragma: no-cacheX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: 3ukJ0UE_GEah1hMOHKpDbA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:50 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=B92NkS7VUALadFnaygtWYy31XoNrfZhyqHio8dZhoy92AKjtFsq6VvHRZmNpZUzIg1SqE0NCo1Jxelrs3cBklgIWtMYFQ/7PSmFd/WY66T9NsaAZ8EFTU/+kb4/dWwFWhW8nDaKtQHdKuOHWic82ASeQZ1u5SExpVkoRy5AWxidA; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/Set-Cookie: AWSALBTGCORS=B92NkS7VUALadFnaygtWYy31XoNrfZhyqHio8dZhoy92AKjtFsq6VvHRZmNpZUzIg1SqE0NCo1Jxelrs3cBklgIWtMYFQ/7PSmFd/WY66T9NsaAZ8EFTU/+kb4/dWwFWhW8nDaKtQHdKuOHWic82ASeQZ1u5SExpVkoRy5AWxidA; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=pONYvpSwyyjOzUD8BSb6RuTyuq0SX9xRu3ttk58ocEYxV09QDGU/QmiEvf/x24CnEi4C4RYJJphWH3oHhG0xapaveNI8UMLyUvdfsirebqPD0/BHqIE9s21uliHy; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/Set-Cookie: AWSALBCORS=pONYvpSwyyjOzUD8BSb6RuTyuq0SX9xRu3ttk58ocEYxV09QDGU/QmiEvf/x24CnEi4C4RYJJphWH3oHhG0xapaveNI8UMLyUvdfsirebqPD0/BHqIE9s21uliHy; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, no-cacheContent-Language: enExpires: Sun, 13 Oct 2024 03:48:50 GMTCitrix-TransactionId: 97f4887c-41bb-4d6a-9a5b-c4ffc9ed9e8aCorrelationId: eRg7am7WP0y5zW75B77ZQAX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-Frame-Options: DENYX-Robots-Tag: noindexX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: UtVW1pV6vk-zraabRAkp_Q

Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://b.c2r.ts.cdn.office.net/pr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://f.c2r.ts.cdn.office.net/pr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/780dddc8-18a1-5781-895a-a690464fa89ccacheFileFullNotificationPerce
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/chttp://test-exp-s2s.msedge.net/ab/c(
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/ge
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/gecacheFileFullNotificationPercentagehttp://test-exp-s2s.msedge.ne
Source: chromecache_205.2.dr, chromecache_169.2.dr	String found in binary or memory: http://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://weather.service.msn.com/data.aspx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/app/download
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/apps/remove
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/commerce/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/entitlement/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://agent.pendo.io/licenses
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://analysis.windows.net/powerbi/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.aadrm.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.aadrm.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/api/addins/search
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/appinfo/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/appstate/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.office.com/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.office.com/app/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com/v2/feedback
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com/v2/file
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.microsoftstream.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.microsoftstream.com/api/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.officescripts.microsoftusercontent.com/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.onedrive.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/beta/myorg/imports
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.scheduler.
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp, 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apis.live.net/v5.0/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apis.mobile.m365.svc.cloud.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://app.powerbi.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://arc.msn.com/v4/api/selection
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com/v2
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://autodiscover-s.outlook.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az804205.vo.msecnd.net/
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az804205.vo.msecnd.net/f
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az815563.vo.msecnd.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://canary.designerapp.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designer-mobile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/fonts
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-assets
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-dynamic-strings
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-home-screen
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.entity.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.hubblecontent.osi.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.int.designerapp.osi.office.net/fonts
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/DGXiXepNeRvpgcvqVVwgerMyl9c/FzHL74W
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/RKXGQO-T4hA-4ZEVZHET-2hQSkA/2qzaI4Q
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/WPvkzGkOrfIvp3qkN5N54f_1PEk/YiOA-0Y
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6A
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/freMllnYvBAwsP7Q8plLkQuQk9o/iIvmdJJ
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/jfhRXEM-T3XDOIl2P_kjewAdeGc/LhZTKWo
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/kRiIYerdgZdzqYlUiCx61iLjnBU/vJf7TMD
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/mfS2ulYoG7dN1QSakrLPIk6LA7Q/4_xFPLt
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/moENhVNGkRpdnhKRCzqkG8MUQPk/Mp9uRb2
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/njPoQ1-6YEZw5vUbZJ0_GVUQ91Y
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/qgx_AaYBkGN6StQWJLhgBhCmZsY/ZEFqtCH
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWAD
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/wotSbq5SNToNGIBxeYKbdsIn35Q
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/z6GAMp5KCypHWLnasLOIn0RVcPQ/vzuAMPt
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide.-323232.1622565221517.css
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://client-office365-tas.msedge.net/ab
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/c2r/v1.0/DeltaAdvisory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/mac
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cloudfiles.onenote.com/upload.aspx
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://config.edge.skype.com/config/v1/Office
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/blocklowlabelimageloadsdevicecapabilitycamera
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/controlflowguardhttps://config.edge.skype.net/config/v1/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://config.edge.skype.com/config/v2/Office
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.net/config/v1/
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.net/config/v1/P
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://consent.config.office.com/consentcheckin/v1.0/consents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://consent.config.office.com/consentweb/v1.0/consents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cortana.ai/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cr.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://d.docs.live.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://designerapp.azurewebsites.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://designerappservice.officeapps.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev0-api.acompli.net/autodetect
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://devnull.onenote.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://directory.services.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com/config/v1/Designer
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com/config/v2/Office
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://edge.skype.com/registrar/prod
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://edge.skype.com/rps
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://entitlement.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://entitlement.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://globaldisco.crm.dynamics.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.ppe.windows.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.ppe.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.windows.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/pivots/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?secureurl=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon?
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ic3.teams.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://incidents.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://incidents.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://inclient.store.office.com/gyro/client
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://inclient.store.office.com/gyro/clientstore
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://invites.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://lifecycle.office.com
Source: HxAccounts.exe, 0000000C.00000002.2547769814.00000214625F5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com
Source: HxAccounts.exe, 0000000C.00000002.2547769814.00000214625F5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com/organizations
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp, 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.local
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.local/
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.net/common/oauth2/authorize
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://make.powerautomate.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://management.azure.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://management.azure.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messagebroker.mobile.m365.svc.cloud.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/setcampaignaction
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/setuseraction16
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.engagement.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.engagement.office.com/campaignmetadataaggregator
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.lifecycle.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.lifecycle.office.com/getcustommessage16
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://metadata.templates.cdn.office.net/client/log
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://mss.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ncus.contentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ncus.pagecontentsync.
Source: HxAccounts.exe, 0000000C.00000002.2544718905.0000021460213000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://nexus.officeapps.live.com
Source: HxAccounts.exe, 0000000C.00000002.2544718905.0000021460213000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://nexusrules.officeapps.live.comP#
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ocos-office365-s2s.msedge.net/ab
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ods-diagnostics-ppe.trafficmanager.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officeapps.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officeci.azurewebsites.net/api/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officepyservice.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officepyservice.office.net/service.functionality
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officesetup.getmicrosoftkey.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com/embed?
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://otelrules.azureedge.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://otelrules.svc.static.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid=
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/connectors
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/review/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://pendo-static-5352587489443840.storage.googleapis.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerlift-frontdesk.acompli.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerlift.acompli.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pushchannel.1drv.ms
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net/mro1cdnstorage/fonts/prod/4.40
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net/polymer/models
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://safelinks.protection.outlook.com/api/GetPolicy
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://service.officepy.microsoftusercontent.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://service.powerapps.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://settings.outlook.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://shell.suite.office.com:1443
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://skyapi.live.net/Activity/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://staging.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://storage.live.com/clientlogs/uploadlocation
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://store.office.cn/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://store.office.de/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/Notes-Internal.ReadWrite
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/search/api/v2/init
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://tasks.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://templatesmetadata.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://useraudit.o365auditrealtimeingestion.manage.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://web.microsoftstream.com/video/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://webshell.suite.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://word-edit.officeapps.live.com/we/rrdiscovery.ashx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://wus2.contentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://wus2.pagecontentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.odwebp.svc.ms
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.yammer.com
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com/https://login.windows.net
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com50

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50145 version: TLS 1.2

Source: classification engine

Classification label: mal52.win@19/152@60/20

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

File created: C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData

Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74"
Source: unknown	Process created: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
Source: unknown	Process created: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe" -ServerName:microsoft.windowslive.manageaccounts.AppXdbf3yp5apt3t7q877db3gnz5zqpf71zj.mca
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: microsoft.applications.telemetry.windows.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msoimm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso40uiimm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso30imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.core.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.word.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso98imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso50imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso98imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.model.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.storage.applicationdata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxcomm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.applicationmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositorycore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.networking.connectivity.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.networking.hostname.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.energy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rmclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rometadata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.view.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hxshared.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.viewmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: clipc.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.resources.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: logoncli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.xaml.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mrmcorer.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositoryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: execmodelproxy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uiamanager.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.core.textinput.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: profext.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hx.mail.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: threadpoolwinrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.graphics.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hxcalendar.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.remotedesktop.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.xaml.controls.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.profile.systemid.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.profile.retailinfo.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msxml6.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winrttracing.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: photometadatahandler.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ploptin.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: webservices.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userdataaccountapis.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userdataplatformhelperutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.accountscontrol.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: accountsrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: aphostclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxoutlook.model.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: microsoft.applications.telemetry.windows.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso30imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.xaml.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.staterepositorycore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: office.ui.xaml.hxaccounts.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.storage.applicationdata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxcomm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.applicationmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.networking.connectivity.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.networking.hostname.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.energy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: rmclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: rometadata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mrmcorer.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.staterepositoryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: execmodelproxy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uiamanager.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.core.textinput.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.accountscontrol.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.security.authentication.web.core.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.xaml.controls.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: profext.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: winrttracing.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxoutlook.resources.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msftedit.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: globinputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.graphics.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wuceffects.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: threadpoolwinrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uiautomationcore.dll	Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32

Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe

File opened: C:\Windows\SYSTEM32\msftedit.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key opened: \REGISTRY\A\{bfc8b437-7efe-3d25-3410-9e9f0f2e4849}\LocalState\HKEY_CURRENT_USER\Software\Microsoft\Office Test\Special\PerfImm

Jump to behavior

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74

LLM: Page contains button: 'Preview or Download' Source: '1.5.pages.csv'

Drops files with a non-matching file extension (content does not match file extension)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 157
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 168	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 157	Jump to dropped file

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: settings.dat.7.dr

Binary or memory string: VMware, Inc. VMware20,1NE

Queries the volume information (name, serial number etc) of a device

ID:	1532896
Product:	CloudBasic
Start time:	05:47:09
Start date:	14.10.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Windows\Fonts\segoeuil.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Windows\Fonts\segoeuisl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Queries volume information: C:\Windows\Fonts\segmdl2.ttf VolumeInformation	Jump to behavior

Windows Analysis Report https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Language, Device and Operating System Detection

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74