Edit tour

Windows Analysis Report
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

Overview

General Information

Sample URL:	https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74
Analysis ID:	1532896
Infos:

Detection

Score:	52
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

AI detected landing page (webpage, office document or email)

Drops files with a non-matching file extension (content does not match file extension)

HTML page contains hidden javascript code

Queries the volume information (name, serial number etc) of a device

Classification

Process Tree

System is w10x64

chrome.exe (PID: 916 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 280 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6344 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

HxOutlook.exe (PID: 3736 cmdline: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca MD5: 6F8EAC2C377C8F16D91CB5AC8B8DBF5F)

HxAccounts.exe (PID: 2416 cmdline: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe" -ServerName:microsoft.windowslive.manageaccounts.AppXdbf3yp5apt3t7q877db3gnz5zqpf71zj.mca MD5: 6FEB00C9A2C3FF66230658B3012BAB6A)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Source: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74

HTTP Parser: Base64 decoded: {"version":3,"sources":["webpack://./node_modules/react-loading-skeleton/dist/skeleton.css"],"names":[],"mappings":"AAAA;EACE;IACE,2BAA2B;EAC7B;AACF;;AAEA;EACE,qBAAqB;EACrB,0BAA0B;EAC1B,0BAA0B;EAC1B,6BAA6B;EAC7B,+BAA+B,EAAE,qBAAqB;;EAEtD,mCAAmC;;EAEnC,WAA...

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50145 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56

Source: global traffic	HTTP traffic detected: GET /public/share/web-034ada86e7d04d74 HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/spinner.css HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.us-east-1.sdk.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
Source: global traffic	HTTP traffic detected: GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/css/spinner.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALBTGCORS=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALB=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp; AWSALBCORS=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; AWSALBTGCORS=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; AWSALB=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o; AWSALBCORS=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
Source: global traffic	HTTP traffic detected: GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/af15e31c70fab7cfd55c.woff2 HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
Source: global traffic	HTTP traffic detected: GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/4506735163932672/envelope/?sentry_key=0be0069dd70d0ce2c63c650418f56fa6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1 HTTP/1.1Host: o49063.ingest.sentry.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=y3mFLykAQyD3C3PQ6WWnmMS4ECeIzsdOjjRLYcY+XacKIzBjnMSKhC4UEWpWumbwN2mY7KyNfKxnsnPm1ysF3o3xl8EOUkNXUBM/ZCSTbRK5zhf7WrS3wZ8n3Kcfx8k0qYnJnmbrKvWVUf1llzwsG1zwrCWEYa3vfCFeANqbd74S; AWSALBCORS=d807JVFt9An8+dxzpJiQx2DOFRrO6t7qkXxA64ty4Yf1xGqsBabgHmOW4ax8fToXqDHZ/SBj0E+j32eeRILGlpRCR8iX2l+TAFS9PAm5pcx0e76MkDZjuPvWYTPH
Source: global traffic	HTTP traffic detected: GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; AWSALBTGCORS=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; AWSALB=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; AWSALBCORS=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAqZEabPwUAAAA:ZSRVPJrcZOizJIqkhcDhKwQXl8IKzlc2rPkClyD+O64dkHPseD2P+Gv/qKyc1CeJebbrHwN5OMZPbR4TVrj99k3S7izSM5tCbUazp0BhWSeomiEOziSMlVFZPGprnRr5IaDW7s2QOqGrcB4oP2NT9WlqTfSux7yG0hPUD4V4CLTXLk9BrOBngKXkC1cmRpdmCX2mrPYcfERMJE2Nz1AWf9A=
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/verify HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vhByzrF1ExPNbY7&MD=wgvYytUz HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-templates-pilet/0.108.2/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-notification-center/0.58.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-publisher-pilet/0.17.11/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-resourcegen-pilet/0.1.36/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-doc-gen-pilet/1.2.88/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-act-hist-pilet/1.7.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-pilet/0.8.16/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-rubicon-pilet/0.33.3/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-storage-plugin-pilet/1.280.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-permissions-pilet/1.118.31/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-view-engine-pilet/1.8.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-client-dashboard/0.164.0/package/dist/index.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-remediation-pilet/1.3.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/main.css HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/50838dcfa76323d03647.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/c3b78c86faf44765071f.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/2df17ec2f6eaff4d4417.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALBTGCORS=pGnr4jWxxiKxZLrIDGi9ARrJHsmUxgm04+yAt4rCc4DqOZ48DWgj063cL5FFi2tEVwk3bOPmAlG26i97+mkg32Mv7jzFu1YFDhePkUyT58A/d2VOU+P2L+BwPL9mRuR+A+nbRSQUh19s+QomADRXKepP0Zg+Aoud/kK1QvvvAyck; AWSALB=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; AWSALBCORS=9oa51b8by9tL7/56PRaEY0p7kv4+yMgR07usimBh2+G8odyOhzECCpdf50vGVHaZfeSnl1IsrJ73KOj7dSSQXLnAOHSE65dsoIdCPTkveFbC4Drs+pwWATlzMXEJ; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==
Source: global traffic	HTTP traffic detected: GET /bundles/c3b78c86faf44765071f.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALBTGCORS=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALB=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a; AWSALBCORS=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a
Source: global traffic	HTTP traffic detected: GET /bundles/50838dcfa76323d03647.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALBTGCORS=VuUkHR2wfPrDCyhJWxxPlSkhokx6BDJm1zibuyNLZzTP6/I+ZR83jhWaiDITgg8kv1yGj4UBJ06FImKRrcD0LConDo+h5x9Iw7Z9D3fCcWh9YJpj8Gvky0zGbAOIFXGSuw5NNHz471TR0iFMbrvG4y6tof87ykz3mBMFhvx01AEY; AWSALB=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a; AWSALBCORS=B8P9JUnCgUWM8sc46is6T7q+K7MpHUpn6Ygx44HRZAzI+d4qkTKrD7q/jbw+NWWwd4tsLnSK0l03BpJur6I1M4SaZYQqC/IQHgst6dGnZYFxY5iJZBC0qkasfT3a
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALBTGCORS=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALB=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0; AWSALBCORS=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0
Source: global traffic	HTTP traffic detected: GET /bundles/2df17ec2f6eaff4d4417.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALBTGCORS=CQPy4BxELCAkQ68DNmMTyHSWTx5PYs5epaviem6ZXNHnqS9zRJNulto6VOpn9uHQYcXp0XEAaEJrEUNYdDY62eGuNd0ITIg6rYXRMl+y27mgPx/RGwsc6/JW4w0sKL77tbyidpD3q4YsCLwk+ycX0dVtFi+eJ8IfXd/PlOKNgIZw; AWSALB=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0; AWSALBCORS=FWlUCwGFT7pNgGRyGgKR2uOQYYo5jS6MX2/nKqb0TZwMVJ1M2T//+JroTEv011PBtzJAXKvbYZ+d06bCcKJSY6pfK8yEXhF7pRdwWQ0fRwUgzsemNI6jnXw+rIu0
Source: global traffic	HTTP traffic detected: GET /manifest.json HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1216.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon-32x32.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=bc4Qmi4y/J4laU0Lu5t5v14nFYP0a4S2FIELR6CItdqIyaW7X6aZ0GI8HrjQD5YIB7U6HNJ+54PIR4qDMiDGQFHy5Zi/9mtPr9le6HwcbFi1emcK9XllTSsWbCH5f6JaByhMHza+mP/kmOC1qxqg2S4h6DGM4nHZwC+Vf+9K1qxk; AWSALBTGCORS=bc4Qmi4y/J4laU0Lu5t5v14nFYP0a4S2FIELR6CItdqIyaW7X6aZ0GI8HrjQD5YIB7U6HNJ+54PIR4qDMiDGQFHy5Zi/9mtPr9le6HwcbFi1emcK9XllTSsWbCH5f6JaByhMHza+mP/kmOC1qxqg2S4h6DGM4nHZwC+Vf+9K1qxk; AWSALB=e2yUD+HARuBx5SyTmNE2Npk/Jq4Aa13j2TWKxwYpYrSPQJlcbhSgnsgaNNKjAKMAuEMLiw5Ef2Q8wCAN5BsUE5D4B/WL/OKDbJDSu05ISYjKrX20peRBi6CCC2WX; AWSALBCORS=e2yUD+HARuBx5SyTmNE2Npk/Jq4Aa13j2TWKxwYpYrSPQJlcbhSgnsgaNNKjAKMAuEMLiw5Ef2Q8wCAN5BsUE5D4B/WL/OKDbJDSu05ISYjKrX20peRBi6CCC2WX
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: CHm_ZIiEBDXTEJ3pvz0RwAsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=orcK3ZOBiSZ74t+hikuMlxbxJhZT0NPvPPUvRnyW11tDqXORUDl7nzTgA5S9dBomPuE2jTGhMppdPZQ5sAjUrqpz/UdalZMdoVoDvTS7shlxqUZFOHKA2l+5MA3W6fanLMmt28ElhEiGyK3m017qxz1OHfIcihq4efw16HDRWN2W; AWSALBCORS=Sn7Ns0dBdHVUSa16v9WXnqjM+SgPQudF5hAgoiuck8BTXz8pq4Jy0q3isuRE/5cv2aj6tK3IM2RV469UW7tsiUZ4Lv3JjQCSeFtFJpNZ3VdF+l5EqxlDDpFJnlVF
Source: global traffic	HTTP traffic detected: GET /android-chrome-192x192.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=hPDRP3NPIwgVdL+kmaPN6saTqGF3xqUZRTo90HniLqyN/GGDmr5VNJY3a/djAysF/tAn6whF6MLpP89hsMNQNXGo0LprIwFSD97ff333q0zVhlNqTeBodUFjF1GU0BoxNgDB+zgMphh2f9wKpFeO/4THiBsHoRTF5BRo/q/vebxq; AWSALBTGCORS=hPDRP3NPIwgVdL+kmaPN6saTqGF3xqUZRTo90HniLqyN/GGDmr5VNJY3a/djAysF/tAn6whF6MLpP89hsMNQNXGo0LprIwFSD97ff333q0zVhlNqTeBodUFjF1GU0BoxNgDB+zgMphh2f9wKpFeO/4THiBsHoRTF5BRo/q/vebxq; AWSALB=+rk5tuNQNblm8+gPvD1woO1VPFCAwkvZBN9e5qgq3Bt3rLfunl3RmtDSARWW1G3BW6E+cvZ09o1KScAK1xpGgfkz8ehqAoe7rc19TMtFv6Rqzj50HkUA/NzfWw9k; AWSALBCORS=+rk5tuNQNblm8+gPvD1woO1VPFCAwkvZBN9e5qgq3Bt3rLfunl3RmtDSARWW1G3BW6E+cvZ09o1KScAK1xpGgfkz8ehqAoe7rc19TMtFv6Rqzj50HkUA/NzfWw9k
Source: global traffic	HTTP traffic detected: GET /nr-spa-1216.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=27893&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74&be=1536&fe=26689&dc=6629&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728877690576,%22n%22:0,%22f%22:4,%22dn%22:38,%22dne%22:44,%22c%22:44,%22s%22:45,%22ce%22:1007,%22rq%22:1008,%22rp%22:1444,%22rpe%22:1620,%22dl%22:1452,%22di%22:6504,%22ds%22:6628,%22de%22:6629,%22dc%22:26687,%22l%22:26687,%22le%22:26699%7D,%22navigation%22:%7B%7D%7D&fp=2168&fcp=2575&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/3aa33bb6fffd83a61c47.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=12&jzb=eJyNj09r6zAQxL_LnhNL_hcnvhVSQiG0hb70UorZWGtHIEtGllNMyXfPOoeUXh69rVazM_P7hrMedHD-SUEJ1evj8_al-lftd4k57Nvd1E6wAKxrN9pwk2CDapVk8TJFVS_zo8qXeZbyVOS4WTebIttIPhm9YfEphH4ohQguoKnRBvLH0U8yGk7oqdGGotp14vYSZ01fQqYZKlyvqFAyU0XGVs6o95-OdjRmAR0FlgWE8g4wj_o_EAZtO2JLrCBbHd7gcgebT7Hvt65Dbfn_Vzs-vdn-EbwhDKOnAcoPcOkq5xXZ2k99IEXsb-CTg3sOsOHhHs8rxpm7xamIpUhkMqOfyQ_azZWSKMllFFe9dwoulytG34tQ&v=2.250.1_prod&ct=1728877719178 HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1728877719179&v=2.250.1_prod HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Accounts/Branding HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=orcK3ZOBiSZ74t+hikuMlxbxJhZT0NPvPPUvRnyW11tDqXORUDl7nzTgA5S9dBomPuE2jTGhMppdPZQ5sAjUrqpz/UdalZMdoVoDvTS7shlxqUZFOHKA2l+5MA3W6fanLMmt28ElhEiGyK3m017qxz1OHfIcihq4efw16HDRWN2W; AWSALB=Sn7Ns0dBdHVUSa16v9WXnqjM+SgPQudF5hAgoiuck8BTXz8pq4Jy0q3isuRE/5cv2aj6tK3IM2RV469UW7tsiUZ4Lv3JjQCSeFtFJpNZ3VdF+l5EqxlDDpFJnlVF; AWSALBTGCORS=XPqYdQgAnEP+bRsfGVSfp6wB+V+VNDUj0XBSrZx5XcvmqtVdxBg0dJ3uNfwWy2Jlv/cnlMYWXQAEILBBfXc5z/zyEoGuQq76yYsyM012Kx7nxKwIv7QsNnTIjIBO6IL7C7Df6odW2HcOhk8b1y9rjfIOg6PaWadmgExWeREthN5O; AWSALBCORS=gpnWU12z77cssPEdjRhwSlX3fGeycStZlYmdJan2san4NOh9Zou7O4Axq/oKdr6UeVqe+xnoQrIb34rMXno+cMUMDUHiRqedfqP3iDUtsQp5/VrJ6XY3lM2xPsMO
Source: global traffic	HTTP traffic detected: GET /android-chrome-192x192.png HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /bundles/b79627b64df3ab63890d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/1c992ae0c14e95098d9a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/b69d9728d2dbe0747c8a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/4229061ac836f0f16eea.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALBTGCORS=49ZA+lo7tNzSoGg/xiac8Z4SNF9vXvkG3bHWj2x4oTyqB4ccxXXhnog+DdkF4w/QKsAoqgayaUtimwhdgPK41SS355QAco68PiorV9qw8Q9zux0Wr5A5ZfYRUXpM3oO8/Ttg3zEnhUQTy1uRwhfLt1W2JhbEnc/3z/36W5K4Dcmu; AWSALB=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC; AWSALBCORS=z9PYNX+BlYM44+lCtTLwvB36qsR4NUkEEUVY78bYamO1MWQjfQbN3UDl4kl85Iy1LNpu3W1PnLc7stGje/lUQnt8WBBhmBQdPptDTzVa6NV8eX/VCuuN6Hz4QUwC
Source: global traffic	HTTP traffic detected: GET /bundles/5be3ba1b444ac539eaf5.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALBTGCORS=xMZAPUNKkE4bmAUIsQKABI7lap2miobPGzJ89umv458l+HLAU7akOUYDSoPmn4lwd6MR0tfq2aqCNWMkZrHjsbVIvQiO1e+jg98YB6wqpeBEdQ7XzrrViIdyYdgKGle+WoAr2aSRwprMLeoZKLP/FffAzDZ0qAU+rnhVkYxDMHuy; AWSALB=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ; AWSALBCORS=PVpr/K3DAdwiiasSj31EC9hJx1jXO0rdD82TnuLlu21UyFCSMDuM+8b83kp8qpPDsUrCs/cms7f9HChJwzdwaW8o2FNOZykywfOgq4xbdZMkwX7Rbj1Q4uijRSfQ
Source: global traffic	HTTP traffic detected: GET /1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=27893&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74&be=1536&fe=26689&dc=6629&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1728877690576,%22n%22:0,%22f%22:4,%22dn%22:38,%22dne%22:44,%22c%22:44,%22s%22:45,%22ce%22:1007,%22rq%22:1008,%22rp%22:1444,%22rpe%22:1620,%22dl%22:1452,%22di%22:6504,%22ds%22:6628,%22de%22:6629,%22dc%22:26687,%22l%22:26687,%22le%22:26699%7D,%22navigation%22:%7B%7D%7D&fp=2168&fcp=2575&jsonp=NREUM.setToken HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=43964618b2e2cdd7
Source: global traffic	HTTP traffic detected: GET /data/guide.gif/74b07336-7560-45fc-7cd1-95032a784d52?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1728877719179&v=2.250.1_prod HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/3aa33bb6fffd83a61c47.svg HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=gTJCK7oYnnMJjoE/yHX7KjFVR28suN+eCYHrqwL1XQ1ptqKR2FwIEu5SeAXviL1qxozerliipF19IBzpxDn0ZVxrY8rriog7y5SOuOQ2W/0sRxFo1vCUaCbMQnQQj/qV9X8Pa4/9QN6zjSMA2XVpczm0KQmQ/1qF8XGxLRrbScM4; AWSALBTGCORS=gTJCK7oYnnMJjoE/yHX7KjFVR28suN+eCYHrqwL1XQ1ptqKR2FwIEu5SeAXviL1qxozerliipF19IBzpxDn0ZVxrY8rriog7y5SOuOQ2W/0sRxFo1vCUaCbMQnQQj/qV9X8Pa4/9QN6zjSMA2XVpczm0KQmQ/1qF8XGxLRrbScM4; AWSALB=SaCD9bXk8Choz/3qpR1GM9mcMHu1228BdT+Aa756/VUN4h+vNkNfoWnDVFUElVM4khPU9kMDzPQYquQs0lhx7r2UmM2IRfeGl4ty9xMcSIL8pmAJlToQCuIamzYA; AWSALBCORS=SaCD9bXk8Choz/3qpR1GM9mcMHu1228BdT+Aa756/VUN4h+vNkNfoWnDVFUElVM4khPU9kMDzPQYquQs0lhx7r2UmM2IRfeGl4ty9xMcSIL8pmAJlToQCuIamzYA
Source: global traffic	HTTP traffic detected: GET /bundles/b79627b64df3ab63890d.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=8p7loPz8TDNMKcmU/f0V4DOUNvOjq9TR524ybcRjmVUDX6yOk6Oo0hQsQEXRX5acFmowhDR1NgLquwSdSHgsuiY78rhd31Enzvd3uSA+KFMkbgBw5+BP3N97EhzUh+oCCzQGYtxHaJz179hqSLoIJ0FA/AtCTm31aqH0s4AQ4fDc; AWSALBTGCORS=8p7loPz8TDNMKcmU/f0V4DOUNvOjq9TR524ybcRjmVUDX6yOk6Oo0hQsQEXRX5acFmowhDR1NgLquwSdSHgsuiY78rhd31Enzvd3uSA+KFMkbgBw5+BP3N97EhzUh+oCCzQGYtxHaJz179hqSLoIJ0FA/AtCTm31aqH0s4AQ4fDc; AWSALB=G8FCHNNSPiOZ9yQqNipoBxrsfuPehUAzJf+nefqMF0bX/PD28cre+/cP/0UYSNApSAtsxN1/P8GEgYiFkOJ99AtI7C9+dvrugtKiRFMxXqaOhbiAiPlGvfWqmB53; AWSALBCORS=G8FCHNNSPiOZ9yQqNipoBxrsfuPehUAzJf+nefqMF0bX/PD28cre+/cP/0UYSNApSAtsxN1/P8GEgYiFkOJ99AtI7C9+dvrugtKiRFMxXqaOhbiAiPlGvfWqmB53
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.250.1_prod&ct=1728877719176&jzb=eJzVUt1v2jAQ_1_8DMRxPuGNrRObQNtQafdQVdERO8GaEwfHAUUV_3vPhUXtC9qkTVPzFPt8d7-vhydi-0aQGZFc1FYWPRmRrdHHVpjMygorfsLSNEkSf-pHyYgcZCutNpnk2JR9__T15lu2yVYLpu5W5aIv3QDIc93V9vwGCuAxC_1xADwfR1sejaMwwL8kgmlaTJNwSrGnMwof76xt2pnnWW1B5VBbYbad6emk3YERhVRikuvKezl5BymOHg1C4JDGIuE05EmIoxqjm5bMnohWPPsdvO7da8x1p9S_YnpCfAi-thvYfhl22fOBxD0rb42cL5e7al7el7iiMFCJl-ICPv_8mJb5ar9bLo_3cyy2Yt-JOkebKPrWW4G8w2h6Gg2-VsLCNU9jbHxPnl6wut9rcBXUZQelU0DU2d2t0_1CwbVC09zoCmSN9TcwsPVPGBYCbGec6g9EB3GEV2iH6RsruMD5ijwOhs-H9XjFwTpsfuD51GOUOY4HYVqpHSQ2YRGd-Bmy5n89Ma1bci7_0Dzcr9ebbk2l7D68CZQ_BCpK6atAKQ38aqDY-wqU43NhweI4ZZOE_vr8_yQ9KniRPojj0-MzPInJfA HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /data/guide.json/74b07336-7560-45fc-7cd1-95032a784d52?id=12&jzb=eJyNj09r6zAQxL_LnhNL_hcnvhVSQiG0hb70UorZWGtHIEtGllNMyXfPOoeUXh69rVazM_P7hrMedHD-SUEJ1evj8_al-lftd4k57Nvd1E6wAKxrN9pwk2CDapVk8TJFVS_zo8qXeZbyVOS4WTebIttIPhm9YfEphH4ohQguoKnRBvLH0U8yGk7oqdGGotp14vYSZ01fQqYZKlyvqFAyU0XGVs6o95-OdjRmAR0FlgWE8g4wj_o_EAZtO2JLrCBbHd7gcgebT7Hvt65Dbfn_Vzs-vdn-EbwhDKOnAcoPcOkq5xXZ2k99IEXsb-CTg3sOsOHhHs8rxpm7xamIpUhkMqOfyQ_azZWSKMllFFe9dwoulytG34tQ&v=2.250.1_prod&ct=1728877719178 HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide.-323232.1622565221517.css HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/b69d9728d2dbe0747c8a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/5be3ba1b444ac539eaf5.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /io/public/Shares(034ada86e7d04d74)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount%2CItems%2FZone&includeExpired=false HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"tracestate: 3347059@nr=0-1-294030-30142649-9f48823f905290ea----1728877720234traceparent: 00-abada73e58dde84a0e0bff1b72381ee7-9f48823f905290ea-01Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5NDAzMCIsImFwIjoiMzAxNDI2NDkiLCJpZCI6IjlmNDg4MjNmOTA1MjkwZWEiLCJ0ciI6ImFiYWRhNzNlNThkZGU4NGEwZTBiZmYxYjcyMzgxZWU3IiwidGkiOjE3Mjg4Nzc3MjAyMzQsInRrIjoiMzM0NzA1OSJ9fQ==X-BFF-CSRF: trueAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brCookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/1c992ae0c14e95098d9a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /bundles/4229061ac836f0f16eea.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALBTGCORS=cCO8MnIIEEL2bEGQdl/Fmt2ZVH8IaHWVsk0GJntg33wsOOhYqO5FYvFHsHhyZRpHN5Fsmhlj9D6jyEMVD9vry5+LUz60hWc7382z9E82EKhBgJxzwEuIAvZroFin1187Dbclw2f67cLo4JBq0KOPhAcH2lZqHFZUGefU/YPmb+Jq; AWSALB=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l; AWSALBCORS=/zGDyMEUARg4lURHpUOdVAkNQd04wqAtxbd7T5GcyxYME22QeqYTA4B0DcnrKjnTnLkVR9NYKv3/WdkKRWkfxM3L1SRGGMQl3IjDBxY2pKpFqHhtW6WUKXteYb1l
Source: global traffic	HTTP traffic detected: GET /data/ptm.gif/74b07336-7560-45fc-7cd1-95032a784d52?v=2.250.1_prod&ct=1728877719176&jzb=eJzVUt1v2jAQ_1_8DMRxPuGNrRObQNtQafdQVdERO8GaEwfHAUUV_3vPhUXtC9qkTVPzFPt8d7-vhydi-0aQGZFc1FYWPRmRrdHHVpjMygorfsLSNEkSf-pHyYgcZCutNpnk2JR9__T15lu2yVYLpu5W5aIv3QDIc93V9vwGCuAxC_1xADwfR1sejaMwwL8kgmlaTJNwSrGnMwof76xt2pnnWW1B5VBbYbad6emk3YERhVRikuvKezl5BymOHg1C4JDGIuE05EmIoxqjm5bMnohWPPsdvO7da8x1p9S_YnpCfAi-thvYfhl22fOBxD0rb42cL5e7al7el7iiMFCJl-ICPv_8mJb5ar9bLo_3cyy2Yt-JOkebKPrWW4G8w2h6Gg2-VsLCNU9jbHxPnl6wut9rcBXUZQelU0DU2d2t0_1CwbVC09zoCmSN9TcwsPVPGBYCbGec6g9EB3GEV2iH6RsruMD5ijwOhs-H9XjFwTpsfuD51GOUOY4HYVqpHSQ2YRGd-Bmy5n89Ma1bci7_0Dzcr9ebbk2l7D68CZQ_BCpK6atAKQ38aqDY-wqU43NhweI4ZZOE_vr8_yQ9KniRPojj0-MzPInJfA HTTP/1.1Host: citrix-sharefile-data.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /io/public/Shares(034ada86e7d04d74)?%24expand=Items%2CItems%2FBundle%2CUser%2CUser%2FPreferences%2CCreator%2CCreator%2FAccount%2CItems%2FZone&includeExpired=false HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ZyaxKVc9I8JVUS981o3PXbYzeo/jPNWWNEH3kLuBJDslgonkoGqnf/2Kbs0Z9uBQJz61zMb93nhJ8fnNsNDKHXDCjWk+UhDmTUNF8c8KAWLr7ZqORmMGQgj7GjirjHhxv4ZaxY1dfchWDV+2q98f1NRTkkjUTyUV1yGtZiCA51ZQrf3QZYIBr/pTC2RjUFslnEEj/69lfd1Zh47G0Ka5krLAVOypyYqtz1ulOOnaeM6OED/mff40sqFFYzJtiiMq; AWSALBTGCORS=ZyaxKVc9I8JVUS981o3PXbYzeo/jPNWWNEH3kLuBJDslgonkoGqnf/2Kbs0Z9uBQJz61zMb93nhJ8fnNsNDKHXDCjWk+UhDmTUNF8c8KAWLr7ZqORmMGQgj7GjirjHhxv4ZaxY1dfchWDV+2q98f1NRTkkjUTyUV1yGtZiCA51ZQrf3QZYIBr/pTC2RjUFslnEEj/69lfd1Zh47G0Ka5krLAVOypyYqtz1ulOOnaeM6OED/mff40sqFFYzJtiiMq; AWSALB=O5yaWddrSJnJxkdX9TTjqaC2bj5BFLHJCTCbKtQ4x6hsZ1IHD6aVHD2VOBbPw/0yW1FX1kHGfFwukacFhDGmwveNRmUSnNL8+aBwzUxREaUSrCmUMGk5UgJdFp5D; AWSALBCORS=O5yaWddrSJnJxkdX9TTjqaC2bj5BFLHJCTCbKtQ4x6hsZ1IHD6aVHD2VOBbPw/0yW1FX1kHGfFwukacFhDGmwveNRmUSnNL8+aBwzUxREaUSrCmUMGk5UgJdFp5D
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/af15e31c70fab7cfd55c.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/402b74053d26323596b3.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA HTTP/1.1Host: citrix-sharefile-content.customer.pendo.ioConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Items/ContentViewer HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=wxpgc9Xq4NpZcesrKHOSZrd10G3/dNWvLuFYZzxma/GDWsClSRMgguNkdMWD0KgTMX6v9++obBK3YczNPaCkaXzDN7i+Z+PLmxdG9GyX7qka5wQNNfsVCZDlD+fz3iQdx0pnLgwh7ipz2mGg5ksr4InWwbvUZRFblz5mTAOGMQJH; AWSALB=VbUHkpU+HbF7rgCQJi/iM5ZfufzmnmUtyhexcvLWFx88NhDIzJ2JzVOSvgla1kWov10ZOgsNQXM7Co9BqNAQuUbsXm2alZZO7ohHfGQMZD0jnZnlq+T1INFoUJOv; AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Capabilities HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: OfM6-qi4b5_CYiePGaGRAwsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(fi8c6938-d1a4-c0cd-2bbc-70c3a69e272f)?canCreateRootFolder=false&fileBox=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: BtmWnaPo6Nvh2DE1ECO2_Asec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)?%24expand=Items&includeExpired=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: aLoUM51piCvgJITr6OXtbQsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=QXEgGYqkRqs97d95DGxInRW8NwHsoud+eRwLxpxhowzJjSPTszkhJL5MNQNTSmR+dCUrlZKcFYr0hhI83OTSawgKl2evGUPbAit1S5/BVvIigr9eoYfR8eFbMlcZ5Xd8d/nCVM/GSXuSbr89qlVEMl5pUcl9RqhYg0SsUFiZwlzA; AWSALBCORS=YMG8MUK8LTpwpKtPlja/Q7ZYrYN5RXUJcBOGgk0EsMKjvEPmmXtWyfY2X9WxxQS+sybiQwI9yj7q+HICsmyXWHS2hpP2CpiMpsllIPbTi45umYb7mu1pGI8bN90Y
Source: global traffic	HTTP traffic detected: GET /sf/v3/Capabilities HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=xfF3y4E6OkoP4TbrO5wkGsNDsr0kvxcSVkryuj48rqxQE+2ODLO1AH/jwaGaaDFXJd1AmsnEz3IR8uZamcQM6b+X0G3cubFpMcLTrWoJuaZxnwWh3/dcO82x5ZcBn9od8VlRGgNzcfAG2oX8DDqgtaNjalxiZed+TRFJluzNkOc9; AWSALBCORS=LMFgWjwuaLNJJXq6FRedbnPjPEF4jDxU1Wq9OxQ89dvLvOdvkki9YsAoOvVlczktsz2+m/eLnp1HZV0HHKFpe8wc0QXVHsaIUF6V83hQ8z9pnt/ZGuG7cFvzd/lR
Source: global traffic	HTTP traffic detected: GET /bundles/ba7dfd1a6326f1b75478.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; AWSALBTGCORS=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; AWSALB=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; AWSALBCORS=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)?%24expand=Items&includeExpired=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=Sig2JvwyrvjN/KJynvFFnvsDsYzCLRejIBrfq8LCq9/yeXxbC3+pvBwkkeYUyz6bWPjbfVYWE138SYKVUDQr4Bj0UHb+H18OZqdUQLlvKvRqbyX4A46gDPzmsUOuh9PTpg6bDo4Sd+o61yWqiQx/H9a+QQHaciAHu+GclXFoVCcL; AWSALBCORS=yn9glf5WVmugCu0df0ZESxCQrfoVXScbfwQLakhjmkdcMVUydEwUsCPTM7sjL6zuuuCC9dDQmOaBOrm67JJYg4Lg1QrnKUd+A8G19jTv6rM4woqSKX+zaOk2XKie
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(fi8c6938-d1a4-c0cd-2bbc-70c3a69e272f)?canCreateRootFolder=false&fileBox=false HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; AWSALBTGCORS=Sig2JvwyrvjN/KJynvFFnvsDsYzCLRejIBrfq8LCq9/yeXxbC3+pvBwkkeYUyz6bWPjbfVYWE138SYKVUDQr4Bj0UHb+H18OZqdUQLlvKvRqbyX4A46gDPzmsUOuh9PTpg6bDo4Sd+o61yWqiQx/H9a+QQHaciAHu+GclXFoVCcL; AWSALBCORS=yn9glf5WVmugCu0df0ZESxCQrfoVXScbfwQLakhjmkdcMVUydEwUsCPTM7sjL6zuuuCC9dDQmOaBOrm67JJYg4Lg1QrnKUd+A8G19jTv6rM4woqSKX+zaOk2XKie
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/launchrequest HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/2efeefafc2bb68a97d33.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/ba7dfd1a6326f1b75478.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/b5bef5c91ec3b83469e0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/d178f6eceb0126b1e292.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/22a601d65471e8503ea9.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALBTGCORS=kWeRRC+xVq6Ij/tTnn/F7cQBKdMpnvi2NWwy4Vaid6/zDhbgI1QoKIRpowtPv4DTkm9ty93Ro0Wn+qNgJk8TSdhbsTxdYEYsyPOHhcwa5+FgU4ikUBK58c97nqviQS8MVisbUh1MUDfWYZQL6JDW/n1u9KRv316LyhmmKMbbNKtKnyCnkTzagMX0lLOEzSFA7tOMC7xRI39dErSVEBCwQjOo0KxSmR+DBsgcQsAUsZKPtHFqWUsM3pRH4DH7iUGF; AWSALB=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3; AWSALBCORS=GRoqs1HyQd6RFX3wmmNfoOenR3gSAOeEdgnM0ucOr6vgonuP9j0MmCs+W4t5l6rBCttVHTy4TzniN9zUBmXIxxP34vyuewOjce8U0c9MFIL63OZXEsxMyTR440Z3
Source: global traffic	HTTP traffic detected: GET /bundles/2efeefafc2bb68a97d33.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=x16qaIInvx2BtSxEM4GX9dtD9ogmLHMhv6g4G6m1Prxk9PJkMmpfnIYGGJ8YPzGLHNR8Zwt54KOTF4dcw4P3g/T/95mrqFPmcNxDPvt1xeJqRMTkv1M2EZznMa+zlgbXYN9caabEKQ1lK8r9DX/mnrvBvTcaXlDqVeIiRSL2z8dHcNEitGlgvD6o2QqZOoOcrsWFokgV+MzxD49WDpknt2De6s4aNIil5iVbQtDVZIi/cxtSE27x0tmr8tdE6Hza; AWSALBTGCORS=x16qaIInvx2BtSxEM4GX9dtD9ogmLHMhv6g4G6m1Prxk9PJkMmpfnIYGGJ8YPzGLHNR8Zwt54KOTF4dcw4P3g/T/95mrqFPmcNxDPvt1xeJqRMTkv1M2EZznMa+zlgbXYN9caabEKQ1lK8r9DX/mnrvBvTcaXlDqVeIiRSL2z8dHcNEitGlgvD6o2QqZOoOcrsWFokgV+MzxD49WDpknt2De6s4aNIil5iVbQtDVZIi/cxtSE27x0tmr8tdE6Hza; AWSALB=LG7g5kC8FH89p4hEKIyVNIwVanCGbt8gZQHQlFgldNJzss+YLmfYPlDOgk67I8+AHveCkfP9V4msM3L3Gm/t2HR5k80NaonCPjA3tA4QbXRGPfFjZdXn4sfjdJQI; AWSALBCORS=LG7g5kC8FH89p4hEKIyVNIwVanCGbt8gZQHQlFgldNJzss+YLmfYPlDOgk67I8+AHveCkfP9V4msM3L3Gm/t2HR5k80NaonCPjA3tA4QbXRGPfFjZdXn4sfjdJQI
Source: global traffic	HTTP traffic detected: GET /bundles/22a601d65471e8503ea9.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /bundles/d178f6eceb0126b1e292.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /bundles/b5bef5c91ec3b83469e0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALBTGCORS=CXhB3XrA/CnJOcy3M9AxHnNZvAeHPQLIe1bg+4J0nQkVbyacmVKtu79K/zloLw7MLkHCj2sDlZux18nGz7DrqqR3A+k17xUmiKn0JP+ZR29FV9GG8V1f3VCVvyW1wCLqRUU1L6QnPV9VKnAQ8CtM3zrkmYUe37liCtS95ri/5AaUPvPb6BpFVhMvVIMfCbsBWRB6cmkzDyRFpRiElpEO6n06A5TX9MpgWDR7301XcqAZmnWBnzZFzJLoK/7xMVjz; AWSALB=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM; AWSALBCORS=RkHj1Eu+kywETnLzUbKzFd0V9wwOz20s10EX3E1CRZnZuSYLOmNNjHC7LiSOuCNbcwLJthDCwu9Qlim7B6dxNP/Fb7vBjmhqzkIIAFTkI3wyDlGy+a4VJGLKWpOM
Source: global traffic	HTTP traffic detected: GET /sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/d8fcf3851ba79b1d138a.woff2 HTTP/1.1Host: piletfeed-cdn.sharefile.ioConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://totalcanterbury0.sharefile.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/main.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(st34081c-405f-4373-86dd-16fb3f758152)/ProtocolLinks(Web)?action=View HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveCorrelationId: yJCC6CGTogsUIuqqaTVhRQsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Language: ensec-ch-ua-mobile: ?0Authorization: Captcha eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTdGF0ZSI6InM3NDRjN2NhODE4MTE0YTFhYmYwMTY3ZDQ5ODgyMDc1MSIsIkV4cGlyZXMiOjE3Mjg4Nzk1MjF9.-G5rG9WwkXeHth6oX6c9RtUqS3x-QI2e813PYQTmiS4User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-SF-ClientCapabilities: HardLock,HardQuota,AthenaSSOAccept: application/json, text/plain, /X-SF-App: ShareFileWebsec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brCookie: AWSALBTGCORS=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; AWSALBCORS=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7
Source: global traffic	HTTP traffic detected: GET /bundles/2c61db7618456a4b4ea2.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/d5a7899d41651404accd.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/102a12cf4db82175eb4a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/5626aad50bfaf67fedc0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALBTGCORS=OAlqOPIu2JydCXUfApGcs5vIdYfTXWqpLT0tORNmTabWeE1V3Zw/BcgAYrC6nvcVK9xcOquBT2b7cegCFSTdQrgblmr7GM4hqhSPO99KCkXqAxwZn7RsOSlY6C5ACmunh8R+k5G0Ht1+e9js9CJCoufh/7bWes9YCm30qO9E5rPx5ZL3R5eVSxMvfMkHmEutJ86dg/klpSx2/OC+s47kKV6Yrypo/ooThmwRb98SSQi98QM+MZijI84SNB3H6PKk; AWSALB=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp; AWSALBCORS=AaEqPo7QqTBuCn/q5SGWiTdLkYz0064WCDORTI0Ep5LAg+0WgZ2DlMcjq/BE4wRf/FYIv2VIBXu2nbGLaymc9bC020TboMO7liDjcswC/EITFUB5pqtHbG7Ld6Sp
Source: global traffic	HTTP traffic detected: GET /bundles/2c61db7618456a4b4ea2.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=+A2fjqLjTOw86TLD8ElS6l+lerZDExnviPCzpv+eTq08xLmjKaWGAKF0Q7/Mg3h8MnmSPtUnGhCth7SjHVVUrK+HR11KVFuVQKSqppO1nNVPkjkZq9LE37zoFhBPRrfjm8RlqqYW3NMtLtIbWpYykIB/YwoPH94Zw3axSBSQSzGmqpklPrS1srnrtoeVnTh/AUvn6+92+WS1qdNkAtnyLay0PINaKB7FE9dN+8FQhv/gZhVFatKnlba4Pdz1y23l; AWSALBTGCORS=+A2fjqLjTOw86TLD8ElS6l+lerZDExnviPCzpv+eTq08xLmjKaWGAKF0Q7/Mg3h8MnmSPtUnGhCth7SjHVVUrK+HR11KVFuVQKSqppO1nNVPkjkZq9LE37zoFhBPRrfjm8RlqqYW3NMtLtIbWpYykIB/YwoPH94Zw3axSBSQSzGmqpklPrS1srnrtoeVnTh/AUvn6+92+WS1qdNkAtnyLay0PINaKB7FE9dN+8FQhv/gZhVFatKnlba4Pdz1y23l; AWSALB=QGk2uwYwfqmh/AjkwCC5vkqzkflxWoKoRx4vCl5Xl5SGEKbpxtO76jKV4icYA5AP+jLtwA/EBgwLqcGZcdfeOt5RnBNC7Ex4HTwYtyQwIvxlObquEbNLlJcmZV4t; AWSALBCORS=QGk2uwYwfqmh/AjkwCC5vkqzkflxWoKoRx4vCl5Xl5SGEKbpxtO76jKV4icYA5AP+jLtwA/EBgwLqcGZcdfeOt5RnBNC7Ex4HTwYtyQwIvxlObquEbNLlJcmZV4t
Source: global traffic	HTTP traffic detected: GET /sf/v3/Shares(034ada86e7d04d74)/Items(st34081c-405f-4373-86dd-16fb3f758152)/ProtocolLinks(Web)?action=View HTTP/1.1Host: totalcanterbury0.sf-api.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: AWSALBTG=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; AWSALB=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; AWSALBTGCORS=GjU2WKE7tsYadO8WlR65Mx8Kdy5ZjskqtT/EZUM6dIewFAbbexoYpcivGWfmDosfGBMA/dZj3a1ov8bsXpVQlrubt595y/QkLWwQwrJRVvwAiNmbnLiMmVGjG/rzP24TR2TzjQiJL5MEXGUT84/SY7qtgnxIb7xBKpEmPgzxnB1J; AWSALBCORS=f+mN1soxfbyDbskKBxrAz1MJtWyX1PygaX+BucGlsxF9hm06LdMbSpoXxxuaO/eLvjrI1XLIgh3dWeghW0GFB2AmZ1m9KdQEo4lS9BVhbbc+OpspQdtpfKfUStk6
Source: global traffic	HTTP traffic detected: GET /bundles/5626aad50bfaf67fedc0.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALBTGCORS=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALB=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud; AWSALBCORS=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud
Source: global traffic	HTTP traffic detected: GET /events/1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=37896&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=43964618b2e2cdd7
Source: global traffic	HTTP traffic detected: GET /bundles/d5a7899d41651404accd.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALBTGCORS=ssXSSVD49YsNANaIrlShKQVFQWEvBZAx2m6UAY+NO5kffTOEO8/GqIujVhzldbBsrV3OG65cp6ysQarhGZMIoYH51gs9nb4qGDshYEp8DBbcOGAZjim4zUc50glZoJf9+S7i13nrjK5rDDwCODYxkXNYZeXDK3P1lj44+BQHQMP2soQDAVOVxVsCc0T8Syt5t9WLhrBFViRPLtI2I+f6NGQHDHx070gYP6Aw4X4+3chtpbUJHoekll7vlCNj4wUJ; AWSALB=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud; AWSALBCORS=pB+iibjvE0hiNl0UE6nFx7w2ozPaEwz1pJ+Ljb31yOOe4KZP1OwVPiiMRnCZj8YpgxR0ZF4OVy9AhLqDbXaB3lHEw+LjtuZXUDSiXvCawhRCGDv1TUhBEa49Zjud
Source: global traffic	HTTP traffic detected: GET /bundles/102a12cf4db82175eb4a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=RTgXc3I0txfyFHWTpyUu6iR5y1qokCcuGaXkgpcytfyhgYIvBzlcs0wyN7JeZkjyf4t6NiKpr95T4KpPe5+CgE7YstMvmdY9xKjDp/EklgPQQu4XMRKV2oh98I0WYuMF8yJFc8UviLRumKA+MkNxVSqiC7q281GjZRhLY/URMbzhcWlA6MdcgL+G5uEsTb+evVFAkTH7duDkvTpaytxYBRJVuRATiqt8TLzBs968wy0lBSaJ46IaldErKyFn8HMd; AWSALBTGCORS=RTgXc3I0txfyFHWTpyUu6iR5y1qokCcuGaXkgpcytfyhgYIvBzlcs0wyN7JeZkjyf4t6NiKpr95T4KpPe5+CgE7YstMvmdY9xKjDp/EklgPQQu4XMRKV2oh98I0WYuMF8yJFc8UviLRumKA+MkNxVSqiC7q281GjZRhLY/URMbzhcWlA6MdcgL+G5uEsTb+evVFAkTH7duDkvTpaytxYBRJVuRATiqt8TLzBs968wy0lBSaJ46IaldErKyFn8HMd; AWSALB=qeHYg8TQc/qqCR/L1izQVzwAJHPNUh81iM4G7N1zjCHQqnUpqGKXbkqN+QS0wPYAAb/i4P7jXuSRHKuQ01GgzwrhAal2NaayxDyi81VjmXqwgrlJOtiF4t3xdJcb; AWSALBCORS=qeHYg8TQc/qqCR/L1izQVzwAJHPNUh81iM4G7N1zjCHQqnUpqGKXbkqN+QS0wPYAAb/i4P7jXuSRHKuQ01GgzwrhAal2NaayxDyi81VjmXqwgrlJOtiF4t3xdJcb
Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/document/sessionurl HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Host: api.ipify.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /service/rendering/api/render/pdf?token=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..wBHWk1CNe89dCPJRGExwKw.CY6l7d3Nj0WXD1dcs7ZlVMjtDDZxf3VOd6QicS-ILNnpgjfbh6J17VHTd_-C2W2stMXuGr5PaX7B3viha_YTk_VNyqaTO1fMQnmC1XChl2hEkOdjQkKVwQbmqCkLERGpx71Gj3d-SG6mOEu4dCcMgGnWSPqg5pPF700wjpBnIwVRya42ek-3md4yRzmlDD0Em98WEvzRWwxNyf5N-AU_HnDwO3vvBy5-ZlsUhx9ba-DocmowGu5-WmMrGGLSEsrySFwxK3dmKZgKVyAS19AqfhXMV8a4oxSsHWeyc3_7UnhXT8Y56clfETyeibuSnvfulKzbwd10e_SlE8LFVMsQUSb0fc1bzD7QlMPm0bdiMLEvO8YMCLhmGA8zgENEm0e1_glNWnvSS6dmEdBEQ8Uqb537KQCiEJjGzcOVn2gPY8-4fzwdsrDGMSN7mMsBNB78hopsPkOXcWJEgDgeN_C9IOHyc9Yxb5CByurTrj0lqBwIp7aX5wuLtWO_NhEnVrJChig2ad5sHv5yVLlPQV4tD9hrNDOmNZgtbFX5bA8Xux-jHoxsY7Jy3L4JlEM5wJB_VS39ESr4VSwo5qH1dqHImWEJt-6TnMN0TKfb8vuD4mSOspHtD9ZrUIn2y-wcy_J0lJ3D0WRG5q1Lh8vFRBo2u6SuZiFyr-cKc3euo7lwyl0WYOLucFGIMysFDruUe0M3P9PWTz4XtUr7S7Ggikr5ov7OH74Uoq6prQfjvAdnrl5ISXJIo89jt567tIOz6R_MfXuhwcNy3q8vnJJ_kDisvly0gpP4PPcDoooLLVAGSILvwridOpr2WR3FyMtRUdpU-uu3GgVKhPYO_BNQMj7mUPUi05SkckmP6CloUQ9wPF1s7mLVvu_ZdWz4qoB0OiQnEB3Y5EbIhcisrUHrTxV59hHXL6sgGfiWtuPskb7P51eW7zOmh6zIGm44qL-C_pWDXp4ZW-GK4F7VThLRTwTeBQGx7mfsGjNywW1hZEyWNvMj63yEofqYTJdq14jTjHgWtdj2wALMvzIQxeXDmSpjsP0D4OrH094g0R-a0afGfs9L5cGr03kPxZOJe08qau7h62T2OX6G9Jpt0Ns86_Q4HKoVEB0j6Wmrz4pVMQ_dcj8vOieEDVzkGZpvPC-4t5Xeq8vkIFeuIDfyerFyUdxMH6wIJWK2gS63f39iQUdLIQ7K0RdTKCXqgp7qKEL1Gd-nT8_jbXfMPgDtC7UMMNlCLk92Eknw6pYF-TVFyMLsHdTQVT53faHRoNHkr86eZ4Aq85FZOKbHF0ECp4q5s8fF8UC0A42I2zr8fwlkIh4pn4WGraTdTHvvZsPFTPEXJZF40x7w-PH9Fhr-JJdJnAHIXNDNRx6xmPQJJxdbAKbkCc9BSHJVGJxFeHPdx0BEdFqH9EYEsCZv45T6mq_GGg-sqO-cT81JQxPhv33TnGoJ_3jVAGke-IFR6jxsuLCXvnEmOSDeBKziAl6FxEB6v19Q36HAAG3QTOgpPaS9aKcrZ5HmewuE753gYF_45kKzHf70fiaBwUGJkwaCXbWOweBfHl1tMwVu-N143611OhtnSAQkR5HSlVVuuyxsw-96IohDvOnpZjeXFbvkoKIxnnnkmards1YTt9Z9TKScu3xCv-2n-CiWA2rqSHhyl6x-MQCZVYiXNiPl7d3qJHdJtGX1KevhNfExF2UgicV8pkLNl5fNLHsdFWJ7XgeNLcU4B1AOcSxBu1LwJisjdfcPdiORcKIoxYN94vdfEpf_gMmKupMo8GKkEgE3oi-JObTd8i2d_7by2REBwWVNb7w0ThX9fLNzYr4D96fOpJF3Q56OZq0kDOS_iwFpmsm3BNM6q9jd3fPfk5VsupvmsGCXJaPBMg.GnpfxIAvhbLpGGhEyBCjig HTTP/1.1Host: sf-renderx-us-east-1.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=EQw0OdL9m80Nc181bg3cIrXOyD0i3CL6NIa0XAoxRWuxAgZmxIvpaZUVtQF9C7oq7R8X6TE4dfOr6Za0pDmqba1+5+AEKMZ4hbf8GALtRfiGfjB4xTZB3vFJr18K5k0i9lOSLQ5dtm32Q4r5PiQ61pj827q7vywfZ8rO0Dt/BohtnCRdMzsx3Ta9dwNfkwACA/sJRza703aiIW6yGiH2xfwi6j4GYac29vDq4d5VVuNJFj6y8ItrP1nf9ycfrBeC; AWSALBTGCORS=EQw0OdL9m80Nc181bg3cIrXOyD0i3CL6NIa0XAoxRWuxAgZmxIvpaZUVtQF9C7oq7R8X6TE4dfOr6Za0pDmqba1+5+AEKMZ4hbf8GALtRfiGfjB4xTZB3vFJr18K5k0i9lOSLQ5dtm32Q4r5PiQ61pj827q7vywfZ8rO0Dt/BohtnCRdMzsx3Ta9dwNfkwACA/sJRza703aiIW6yGiH2xfwi6j4GYac29vDq4d5VVuNJFj6y8ItrP1nf9ycfrBeC; AWSALB=rGsH05G0IIwdTb88bC4HQtGedx7lCd9o91QVPeygY17WNsZsTy+Sdhwtm18HxUu//LoFBfMr0lcylYkPrxB1OOXkGJjBIBRUJzKiLxyLBV7Vnu/ZjZzWuAm/j3G9; AWSALBCORS=rGsH05G0IIwdTb88bC4HQtGedx7lCd9o91QVPeygY17WNsZsTy+Sdhwtm18HxUu//LoFBfMr0lcylYkPrxB1OOXkGJjBIBRUJzKiLxyLBV7Vnu/ZjZzWuAm/j3G9
Source: global traffic	HTTP traffic detected: GET /service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..B2aVGXdwQELWM5zpldm8RA.D0SqzqVCoVEmm5nrmtYRUpSxdvbkV-kozB2t42aKeolSvyFtvpL4Cf-lc7ykmn3be3zVhmiD5nxrQgfbT-LEZmrye-Ik0Qk8jenFcr8YNFB4V8w8ullDnKE5g9LncYoUiiDzJVD6ljxN_jfPafXZdpzLi8P75TUzvPuB0I8nCuFP3iEizpTm8E-KLBnhvSnFpQbNMnoZfW6jU0nnOi63SWrV8LsRLHFAmUEVDhi0AEm7JOY-ooGhP-6DDALy9ojky8gslV_kRkPZ8vHXSBATUHP4V3ZIq2FvKiqQ1FPaGMmq9ofN4LMlsmq6Q9VZqtXy89BYadpZer4YyqWCP3D33Efd1YMn-mOILPlb5lJfHZvCV4qe7g3zaZS60HDVR64QSCVQnQnGB4ge-149oY2CAKYx6iANfCOXmZDXzLdgUihGleEYEPr5TNRr1SKTiow7.oii1bhU1Lby7x5CKv1nKlQ HTTP/1.1Host: sf-cv.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=14mRXilXSw/R+HLkK++/PeEnaw4h7tU470KfUxCtTMEAtycxewuZ1qoxqU3nLkfZiiJOv2PWXL2mDHrvRGKQFhbzTN88yWY+Oi9S76Z8xXSB6ET/MXU5nkJ0bnThVNPw1tMqGv4rtxVH4tso454Ye+0N0fqfsFWqIbI7q1pE2E85GdAL4q+m9AqKRZzEPLl/DGT56UgGCyBmXrxQRgwOZjFhYSIIlhvvSSMifLcxrBqbEG416J7TCD24nkSSWs/9; AWSALBTGCORS=14mRXilXSw/R+HLkK++/PeEnaw4h7tU470KfUxCtTMEAtycxewuZ1qoxqU3nLkfZiiJOv2PWXL2mDHrvRGKQFhbzTN88yWY+Oi9S76Z8xXSB6ET/MXU5nkJ0bnThVNPw1tMqGv4rtxVH4tso454Ye+0N0fqfsFWqIbI7q1pE2E85GdAL4q+m9AqKRZzEPLl/DGT56UgGCyBmXrxQRgwOZjFhYSIIlhvvSSMifLcxrBqbEG416J7TCD24nkSSWs/9; AWSALB=Wefp3cyip/4Up1QfQXkcVHTyrClaOzcz/Tr7ksj0L1GT/ceL6ZVSC0rMuqLeLkL6K0JuIviJKdrVSoQrpnSw1C/gg9GQsVHrifEtHuAQSA9uUB9Ub7ZWRuIyMl30; AWSALBCORS=Wefp3cyip/4Up1QfQXkcVHTyrClaOzcz/Tr7ksj0L1GT/ceL6ZVSC0rMuqLeLkL6K0JuIviJKdrVSoQrpnSw1C/gg9GQsVHrifEtHuAQSA9uUB9Ub7ZWRuIyMl30
Source: global traffic	HTTP traffic detected: GET /renderx/RenderOutput/afad6241-3adc-5bd5-543c-575a98f97490/VOWithPDFSecurity/e83bb7643ac0d1f4099d27743cdd3d54?AWSAccessKeyId=ASIAWSHYYC7R75LXCNRK&Expires=1728881033&x-amz-security-token=IQoJb3JpZ2luX2VjEHQaCXVzLWVhc3QtMSJHMEUCIQDnk%2FZ8CbYRQfmJwKy5mPChCIbntDEGyVmTtSvRrIcf1QIgCD2NZaySmsfu7BDk5%2Beso%2BeZRKAmXAQ2UK3jYO6T4T8qxAUIzf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw0NTE0OTMyMzg3NTUiDAlDstNqU3YZiK0l5SqYBT3%2BnPrVb6W8GMOilWEXz0CvsOcvj4ECjP%2FOpyUj6oZ38kBOpd8otv0C8oGuPIaBMXOcuXTtdQ6R70emC%2FQB%2BGF4GCc3IlYqOqXwZtzvvUXsLKMDa1F7LRegzKhu8zPWQ3v%2BDJ0GZC0NguzWJ%2Bx0%2BW%2BYxuaxR6vYmLo4ltBi1V4WDOFAxYdeLsZi7qEtrOmS03Ab%2FsH%2B3fOQD%2F6XTwzRdlgGeTGewYzLpWZQ1JQYlHufgB4EfSTZsYBjTOIFQOFYJhTTMY7s%2FnxLUCaS1gKDrirHoM40H1xjkN6q5ir%2BmPq2wnCHQLe%2BknkcVcYA3kk9zfEp21SRwAubw2YfBN4jvWZVdaXjzBgs52ppW2MkgQFIC%2F%2BLx9ugW1ciwApyYg1tMY5fzXi9Ucg6L5WMybpf8eqNU4uOsgs8xElmAIuD%2FSTxzQ6p6X%2FdVorutpCn%2F28lq%2BuB1ghD8s5uPVkYFC3wtwdeZaxOuuEz5ErbCYvHBZa59UkuntR8V9MIR%2F7rUPurqDC681RjALoDHf7DQtMORpK3V5%2BqXsUenZ3Mf2s23kkjZXrv2NsAxb9sEUk7GWnISfuoqA4KL8NOm9%2BmWjWg%2FWodBKyU6nSFhzYZMoieIKHr4q%2FQnWo%2BvN4U1HuI9wLI2o%2BhvcHQSLMDMOsbLKksgmVte3f%2BuXbwEPPiAGvDvVVZoghLs4O1F7m6hGy63I1a8vNpIThQFLLAAuiZyUPKHcgae3Uq6w%2F0MzyRiI5GqH6p019f2XOzb8RVT7THOB7GTX2DvbRA6wMgLbc6fHmZEAeL5hvvnO%2F8CklAicOdAnXhzGev3VDwN9rVfW4mQ8675XFGGvIWiCjbEGtF164PDHhx%2BvOYsH%2BgI81EP7TW2DQMOdZuUQx8khcwj6OyuAY6sQHxED0aJ%2BoPWgJOCvdJpG763MHSJ8w9%2FpI%2BCjl7WG8jAhQDRztFA%2BeEV1vn5R1QKMOMEQvnw3wks2HwX4KUZkVwE5AiJXrxZ3VzSANCz1Rwj92BK4g%2BHEmfbi7XL2wBP0zPsWQK6hsputES8iO1FzDwgrYJJQjpdRnXmShAywETrA653H5NEXiXrosGNaafqR3c9HpGH2jMHi49AIH9KhervS6INrPAvl9GSWse%2FBq%2FwFQ%3D&Signature=TaN9mgZypC0IQyoasiIGJJ2uIUY%3D HTTP/1.1Host: sf-temp-us-east-1-production.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: identityAccept-Language: en-US,en;q=0.9Range: bytes=0-65535
Source: global traffic	HTTP traffic detected: GET /renderx/RenderOutput/afad6241-3adc-5bd5-543c-575a98f97490/VOWithPDFSecurity/e83bb7643ac0d1f4099d27743cdd3d54?AWSAccessKeyId=ASIAWSHYYC7R75LXCNRK&Expires=1728881033&x-amz-security-token=IQoJb3JpZ2luX2VjEHQaCXVzLWVhc3QtMSJHMEUCIQDnk%2FZ8CbYRQfmJwKy5mPChCIbntDEGyVmTtSvRrIcf1QIgCD2NZaySmsfu7BDk5%2Beso%2BeZRKAmXAQ2UK3jYO6T4T8qxAUIzf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARAAGgw0NTE0OTMyMzg3NTUiDAlDstNqU3YZiK0l5SqYBT3%2BnPrVb6W8GMOilWEXz0CvsOcvj4ECjP%2FOpyUj6oZ38kBOpd8otv0C8oGuPIaBMXOcuXTtdQ6R70emC%2FQB%2BGF4GCc3IlYqOqXwZtzvvUXsLKMDa1F7LRegzKhu8zPWQ3v%2BDJ0GZC0NguzWJ%2Bx0%2BW%2BYxuaxR6vYmLo4ltBi1V4WDOFAxYdeLsZi7qEtrOmS03Ab%2FsH%2B3fOQD%2F6XTwzRdlgGeTGewYzLpWZQ1JQYlHufgB4EfSTZsYBjTOIFQOFYJhTTMY7s%2FnxLUCaS1gKDrirHoM40H1xjkN6q5ir%2BmPq2wnCHQLe%2BknkcVcYA3kk9zfEp21SRwAubw2YfBN4jvWZVdaXjzBgs52ppW2MkgQFIC%2F%2BLx9ugW1ciwApyYg1tMY5fzXi9Ucg6L5WMybpf8eqNU4uOsgs8xElmAIuD%2FSTxzQ6p6X%2FdVorutpCn%2F28lq%2BuB1ghD8s5uPVkYFC3wtwdeZaxOuuEz5ErbCYvHBZa59UkuntR8V9MIR%2F7rUPurqDC681RjALoDHf7DQtMORpK3V5%2BqXsUenZ3Mf2s23kkjZXrv2NsAxb9sEUk7GWnISfuoqA4KL8NOm9%2BmWjWg%2FWodBKyU6nSFhzYZMoieIKHr4q%2FQnWo%2BvN4U1HuI9wLI2o%2BhvcHQSLMDMOsbLKksgmVte3f%2BuXbwEPPiAGvDvVVZoghLs4O1F7m6hGy63I1a8vNpIThQFLLAAuiZyUPKHcgae3Uq6w%2F0MzyRiI5GqH6p019f2XOzb8RVT7THOB7GTX2DvbRA6wMgLbc6fHmZEAeL5hvvnO%2F8CklAicOdAnXhzGev3VDwN9rVfW4mQ8675XFGGvIWiCjbEGtF164PDHhx%2BvOYsH%2BgI81EP7TW2DQMOdZuUQx8khcwj6OyuAY6sQHxED0aJ%2BoPWgJOCvdJpG763MHSJ8w9%2FpI%2BCjl7WG8jAhQDRztFA%2BeEV1vn5R1QKMOMEQvnw3wks2HwX4KUZkVwE5AiJXrxZ3VzSANCz1Rwj92BK4g%2BHEmfbi7XL2wBP0zPsWQK6hsputES8iO1FzDwgrYJJQjpdRnXmShAywETrA653H5NEXiXrosGNaafqR3c9HpGH2jMHi49AIH9KhervS6INrPAvl9GSWse%2FBq%2FwFQ%3D&Signature=TaN9mgZypC0IQyoasiIGJJ2uIUY%3D HTTP/1.1Host: sf-temp-us-east-1-production.s3.amazonaws.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: identityAccept-Language: en-US,en;q=0.9Range: bytes=65536-99256If-Range: "102f2460e4fd2bff54305335f7318409"
Source: global traffic	HTTP traffic detected: GET /bundles/2bd6acf87747a8fbd76a.gif HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=9sWw/ESRXXdl6oiPBnoOonakZ1ye8nIuxWehEndVWlRi79uKFa6mEWYY1jttk2ElyoWT0kvRlSK8zEbezgknO8VMYeTWytpdqjBQuh8DaGSXQoWiHms9MkqvVcsIK4pNDkJzG9E90KpJ82To1+uI0Lg9nQO1ArCe1qF8wq49Gm9ERpHCZtB1dJEAqjwEbZPyMjCwzQtuMes6goj3+TGsas6TYd4otK8Habl9IIPvIq3n8qR5ZZN3Tsy3HivOpKGN; AWSALBTGCORS=9sWw/ESRXXdl6oiPBnoOonakZ1ye8nIuxWehEndVWlRi79uKFa6mEWYY1jttk2ElyoWT0kvRlSK8zEbezgknO8VMYeTWytpdqjBQuh8DaGSXQoWiHms9MkqvVcsIK4pNDkJzG9E90KpJ82To1+uI0Lg9nQO1ArCe1qF8wq49Gm9ERpHCZtB1dJEAqjwEbZPyMjCwzQtuMes6goj3+TGsas6TYd4otK8Habl9IIPvIq3n8qR5ZZN3Tsy3HivOpKGN; AWSALB=oJqzyb8cW5dhKRMD8jiSGs0zNGEpeNyGnJ95vprX2IlN5mEhr4UViaBU7H7+V40abW6SmvJ96bwRXCrooPa08Xo72t+oxaidjQRnQxBVnesaF0RLzlwnrW69aUj9; AWSALBCORS=oJqzyb8cW5dhKRMD8jiSGs0zNGEpeNyGnJ95vprX2IlN5mEhr4UViaBU7H7+V40abW6SmvJ96bwRXCrooPa08Xo72t+oxaidjQRnQxBVnesaF0RLzlwnrW69aUj9
Source: global traffic	HTTP traffic detected: GET /bundles/2bd6acf87747a8fbd76a.gif HTTP/1.1Host: totalcanterbury0.sharefile.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; aws-waf-token=4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAgrIZOH2mAAAA:oCOLW6glqF6hKD5H1QUPjiscrHQdx1i+W1sgali94eRNi4Ioh/iDVWDp2f92gZe9t1oLFSI9qt65z8Md3aP96zdz7x2KBDkUn9jTedWUe8tPxBh3gey1x5RGwKheBSVaWUOPt8HmhUWPvxrqtD56KT5EU0wHlJBiicX0rLdJIoOT2rh1PYDo/im9SQSsXL9WaTa6NjIH/fUyyVsytjwQ9I+OaEZiRccPLxBZGXLoUmeKniTH37ojbkBSailagMxGe7UmycCiYg==; AWSALBTG=gxdvGGMpfhFLzuDO1J425KwL+KZcAf16E0Krpt55hr+vYZWA8azQtVIrZviksIRjUkqgQ6eCB8taAmaLZZQJgMeV0kgIDbfjoWuLCcOY9QL7aC8f6/xYupB8aA/03fA89IcVPvGCi3NMou3nGWsE8+9kWNqjLl2vYe/umvLH++Kx+6VyKVcgcZZXFNca5fzF/o03sWVWpXlRf1iAQofdLoeS0/9g2uxJ8wosKy1v7sh5vEhzYVUcR2lQ9cxqg7pC; AWSALBTGCORS=gxdvGGMpfhFLzuDO1J425KwL+KZcAf16E0Krpt55hr+vYZWA8azQtVIrZviksIRjUkqgQ6eCB8taAmaLZZQJgMeV0kgIDbfjoWuLCcOY9QL7aC8f6/xYupB8aA/03fA89IcVPvGCi3NMou3nGWsE8+9kWNqjLl2vYe/umvLH++Kx+6VyKVcgcZZXFNca5fzF/o03sWVWpXlRf1iAQofdLoeS0/9g2uxJ8wosKy1v7sh5vEhzYVUcR2lQ9cxqg7pC; AWSALB=M5rSIczDNDa5CdD7PaH/erZ4i1SsKjk4Y65BfCZNgWFKfKqxzFMtERwqSve5Ej0zfggllBf55y+WdTTnRkp2BKwHy2DPmd5izjSEAvgTZS4ZoEkgOcT/cHgxFAXU; AWSALBCORS=M5rSIczDNDa5CdD7PaH/erZ4i1SsKjk4Y65BfCZNgWFKfKqxzFMtERwqSve5Ej0zfggllBf55y+WdTTnRkp2BKwHy2DPmd5izjSEAvgTZS4ZoEkgOcT/cHgxFAXU
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=vhByzrF1ExPNbY7&MD=wgvYytUz HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net

Source: global traffic	DNS traffic detected: DNS query: totalcanterbury0.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: 0093b71e39a6.us-east-1.sdk.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: app.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: totalcanterbury0.sf-api.com
Source: global traffic	DNS traffic detected: DNS query: citrix-sharefile-content.customer.pendo.io
Source: global traffic	DNS traffic detected: DNS query: piletfeed-cdn.sharefile.io
Source: global traffic	DNS traffic detected: DNS query: o49063.ingest.sentry.io
Source: global traffic	DNS traffic detected: DNS query: events.launchdarkly.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net
Source: global traffic	DNS traffic detected: DNS query: citrix-sharefile-data.customer.pendo.io
Source: global traffic	DNS traffic detected: DNS query: sf-cv.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: api.ipify.org
Source: global traffic	DNS traffic detected: DNS query: sf-renderx-us-east-1.sharefile.com
Source: global traffic	DNS traffic detected: DNS query: sf-temp-us-east-1-production.s3.amazonaws.com

Source: unknown

HTTP traffic detected: POST /0093b71e39a6/478ed03bbf12/verify HTTP/1.1Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.comConnection: keep-aliveContent-Length: 8687sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: text/plain;charset=UTF-8Accept: */*Origin: https://totalcanterbury0.sharefile.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:42 GMTContent-Length: 0Connection: closeSet-Cookie: AWSALBTG=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/Set-Cookie: AWSALBTGCORS=3tOtBJD2Yv9S36NSfmIE+LOSDRYGXk0IowJnJGGFY9P+FoTQg/dCqdVa2UV3nEQtcRti+zOsTtBfbzXszXZDftnCITglli7T+duIAd+5GrQiZQcTBLj+tSHEl1YClPdPwzDiLUq5H8C8ZwLWYY0ScjfIm+DmwoTBtsEIQgEEhyloXJlv17u01LpnVr8jrOpScIOkdHu0X5fqBD9rz0aqSjuQ0SFzDuvqEkCE52JKmjdWhSfEAA+5HaJ5foFq5d6Y; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/Set-Cookie: AWSALBCORS=gLzEB+3jev1ADcx0Yi9acD1TJz+9IcWst/fWF0saMm1cv3w2fU/haNYAai2+1Va2cNo4DkbV1UIJkHzNALDcFcl3mAHe7Cs7IYahGSKOzhpelDRWoIqAemaYtRmZ; Expires=Mon, 21 Oct 2024 03:48:42 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, must-revalidate, no-cache, privateContent-Language: enExpires: 0Pragma: no-cacheReferrer-Policy: same-originX-XSS-Protection: 1;mode=blockX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=16000000;includeSubDomains;preload
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 14 Oct 2024 03:48:44 GMTContent-Type: application/json; charset=utf-8Content-Length: 93Connection: closeSet-Cookie: AWSALBTG=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/Set-Cookie: AWSALBTGCORS=GCoQKYYkCV1pk7JKysXKweYeZDsMyjkbkWjBJcXSIw/gx0A8QGRlLgSCm7qmcOhKqj2RmpMhxAv063771hWb/NihVVfHKvpaPDIwxc2mAkSMSFqVdb500qAAj5z7xA71fA/N64SP2pAHVkMFCBxPAp9X+qHR92cHD4ak0dilzznz; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/Set-Cookie: AWSALBCORS=PZXVmzBeHTA+OS5IxPZUyFMx+G7noINMb9bh6LXM76BjB8ECBAXzqxLYv581V17hT9gT7PhlDwjLiZD6Rgn9ZSpOacaurQErm/MLKys5DlACphrKRGjerP1an3/e; Expires=Mon, 21 Oct 2024 03:48:44 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, no-cacheContent-Language: enExpires: Sun, 13 Oct 2024 03:48:44 GMTCitrix-TransactionId: 0566a1b3-6677-4c75-88d4-2a34517cd8c6CorrelationId: xgsWBdW7mEevpIzZHzLkjQX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-Frame-Options: DENYX-Robots-Tag: noindexX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: DNN0Ui6hQ0alOxcagJKHAg
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:45 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=IKkkxKiUZumvHyzweT2xwumU282RfzaJLGW9d8pylLdjldlkdbHHaz3Wb4Rvxj18NVqDOblnRsul09d/y4GtLEVBPmzFJn/rkDZ8v84iAaunuJEQwjN7QzlESgtK7y0LmAN38WINkU1ltfiLkUlo58z+cdAQIC9thgMsCDOvPvDj; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/Set-Cookie: AWSALBTGCORS=IKkkxKiUZumvHyzweT2xwumU282RfzaJLGW9d8pylLdjldlkdbHHaz3Wb4Rvxj18NVqDOblnRsul09d/y4GtLEVBPmzFJn/rkDZ8v84iAaunuJEQwjN7QzlESgtK7y0LmAN38WINkU1ltfiLkUlo58z+cdAQIC9thgMsCDOvPvDj; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=oKk6+htFu9xyIfzS/9Q0tgHXpH6LjF7d6D1fDvhlsOxcY6iXPgY5H7qUcTDQQgekd+iTMI0e/bGZFL0V30Oa5JoAnb4CbZvg2QB1Trycn8CIskKvjNbK1XUTWvyF; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/Set-Cookie: AWSALBCORS=oKk6+htFu9xyIfzS/9Q0tgHXpH6LjF7d6D1fDvhlsOxcY6iXPgY5H7qUcTDQQgekd+iTMI0e/bGZFL0V30Oa5JoAnb4CbZvg2QB1Trycn8CIskKvjNbK1XUTWvyF; Expires=Mon, 21 Oct 2024 03:48:45 GMT; Path=/; SameSite=None; SecureCache-Control: no-cache,no-storeExpires: -1Pragma: no-cacheX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: ZV76AU7iEUq1u7PWgYnafw
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:46 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/Set-Cookie: AWSALBTGCORS=KiTUJtMlfixuRiThXjw0TZMzEG7+Udtp8w5YzFLMhvD4crubkRuWo0hhCYApc2C39tz84aJFTtnKnygn9wf2WJLXDYI8XEYKd3wHn/uQKZkGDBTxtoKCgMCedUzytlcLjBKngpxoKzvmgNZ2Z79AfE40BJ82wHUo8PpWazlILe2s; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/Set-Cookie: AWSALBCORS=SBc1k4dCvd3fywhxLzArSiSB53xqo9Wgroh7zzDnk++QH6wcyJscr1jgb6VrSJw3neMAEbgoJfRNf0EBKVDTkE1m+6LZn9X3sIEX/bFqGVBU3lWTi6dkBD4UNWu7; Expires=Mon, 21 Oct 2024 03:48:46 GMT; Path=/; SameSite=None; SecureCache-Control: no-cache,no-storeExpires: -1Pragma: no-cacheX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: 3ukJ0UE_GEah1hMOHKpDbA
Source: global traffic	HTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 14 Oct 2024 03:48:50 GMTContent-Type: application/json; charset=utf-8Content-Length: 143Connection: closeSet-Cookie: AWSALBTG=B92NkS7VUALadFnaygtWYy31XoNrfZhyqHio8dZhoy92AKjtFsq6VvHRZmNpZUzIg1SqE0NCo1Jxelrs3cBklgIWtMYFQ/7PSmFd/WY66T9NsaAZ8EFTU/+kb4/dWwFWhW8nDaKtQHdKuOHWic82ASeQZ1u5SExpVkoRy5AWxidA; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/Set-Cookie: AWSALBTGCORS=B92NkS7VUALadFnaygtWYy31XoNrfZhyqHio8dZhoy92AKjtFsq6VvHRZmNpZUzIg1SqE0NCo1Jxelrs3cBklgIWtMYFQ/7PSmFd/WY66T9NsaAZ8EFTU/+kb4/dWwFWhW8nDaKtQHdKuOHWic82ASeQZ1u5SExpVkoRy5AWxidA; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/; SameSite=None; SecureSet-Cookie: AWSALB=pONYvpSwyyjOzUD8BSb6RuTyuq0SX9xRu3ttk58ocEYxV09QDGU/QmiEvf/x24CnEi4C4RYJJphWH3oHhG0xapaveNI8UMLyUvdfsirebqPD0/BHqIE9s21uliHy; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/Set-Cookie: AWSALBCORS=pONYvpSwyyjOzUD8BSb6RuTyuq0SX9xRu3ttk58ocEYxV09QDGU/QmiEvf/x24CnEi4C4RYJJphWH3oHhG0xapaveNI8UMLyUvdfsirebqPD0/BHqIE9s21uliHy; Expires=Mon, 21 Oct 2024 03:48:50 GMT; Path=/; SameSite=None; SecureCache-Control: no-store, no-cacheContent-Language: enExpires: Sun, 13 Oct 2024 03:48:50 GMTCitrix-TransactionId: 97f4887c-41bb-4d6a-9a5b-c4ffc9ed9e8aCorrelationId: eRg7am7WP0y5zW75B77ZQAX-Content-Type-Options: nosniffX-XSS-Protection: 1; mode=blockX-Frame-Options: DENYX-Robots-Tag: noindexX-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _NoneX-SFAPI-RequestID: UtVW1pV6vk-zraabRAkp_Q

Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://b.c2r.ts.cdn.office.net/pr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://f.c2r.ts.cdn.office.net/pr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://olkflt.edog.officeapps.live.com/olkflt/outlookflighting.svc/api/glides
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/780dddc8-18a1-5781-895a-a690464fa89ccacheFileFullNotificationPerce
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/chttp://test-exp-s2s.msedge.net/ab/c(
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/ge
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://test-exp-s2s.msedge.net/ab/gecacheFileFullNotificationPercentagehttp://test-exp-s2s.msedge.ne
Source: chromecache_205.2.dr, chromecache_169.2.dr	String found in binary or memory: http://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: http://weather.service.msn.com/data.aspx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/app/acquisitionlogging
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/app/download
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/authenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/preinstalled
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/appinstall/unauthenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinsinstallation.store.office.com/orgid/appinstall/authenticated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/apps/remove
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/commerce/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/entitlement/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/orgid/apps/remove
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://addinslicensing.store.office.com/orgid/entitlement/query
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://agent.pendo.io/licenses
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://analysis.windows.net/powerbi/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apc.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.aadrm.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.aadrm.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/api/addins/search
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/appinfo/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.omex.office.net/appstate/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.office.com/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.office.com/app/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.addins.store.officeppe.com/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com/v2/feedback
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.diagnosticssdf.office.com/v2/file
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.microsoftstream.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.microsoftstream.com/api/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.officescripts.microsoftusercontent.com/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.onedrive.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/beta/myorg/imports
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/v1.0/myorg/datasets
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.powerbi.com/v1.0/myorg/groups
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://api.scheduler.
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp, 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apis.live.net/v5.0/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://apis.mobile.m365.svc.cloud.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://app.powerbi.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://arc.msn.com/v4/api/selection
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://asgsmsproxyapi.azurewebsites.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com/v2
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://augloop.office.com;https://augloop-int.officeppe.com;https://augloop-dogfood.officeppe.com;h
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://autodiscover-s.outlook.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az804205.vo.msecnd.net/
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az804205.vo.msecnd.net/f
Source: HxAccounts.exe, 0000000C.00000002.2544685622.0000021460200000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://az815563.vo.msecnd.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://canary.designerapp.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designer-mobile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/fonts
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-assets
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-dynamic-strings
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.designerapp.osi.office.net/designerapp/mobile-home-screen
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.entity.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.hubblecontent.osi.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cdn.int.designerapp.osi.office.net/fonts
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/DGXiXepNeRvpgcvqVVwgerMyl9c/FzHL74W
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/RKXGQO-T4hA-4ZEVZHET-2hQSkA/2qzaI4Q
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/WPvkzGkOrfIvp3qkN5N54f_1PEk/YiOA-0Y
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6A
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/freMllnYvBAwsP7Q8plLkQuQk9o/iIvmdJJ
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/jfhRXEM-T3XDOIl2P_kjewAdeGc/LhZTKWo
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/kRiIYerdgZdzqYlUiCx61iLjnBU/vJf7TMD
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/mfS2ulYoG7dN1QSakrLPIk6LA7Q/4_xFPLt
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/moENhVNGkRpdnhKRCzqkG8MUQPk/Mp9uRb2
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/njPoQ1-6YEZw5vUbZJ0_GVUQ91Y
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/qgx_AaYBkGN6StQWJLhgBhCmZsY/ZEFqtCH
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWAD
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/wotSbq5SNToNGIBxeYKbdsIn35Q
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide-content/z6GAMp5KCypHWLnasLOIn0RVcPQ/vzuAMPt
Source: chromecache_169.2.dr	String found in binary or memory: https://citrix-sharefile-content.customer.pendo.io/guide.-323232.1622565221517.css
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://client-office365-tas.msedge.net/ab
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/c2r/v1.0/DeltaAdvisory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/c2r/v1.0/InteractiveInstallation
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/android/policies
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/mac
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://clients.config.office.net/user/v1.0/tenantassociationkey
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cloudfiles.onenote.com/upload.aspx
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://config.edge.skype.com/config/v1/Office
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/blocklowlabelimageloadsdevicecapabilitycamera
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/controlflowguardhttps://config.edge.skype.net/config/v1/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://config.edge.skype.com/config/v2/Office
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.net/config/v1/
Source: HxAccounts.exe, 0000000C.00000002.2544763182.000002146022B000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.net/config/v1/P
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://consent.config.office.com/consentcheckin/v1.0/consents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://consent.config.office.com/consentweb/v1.0/consents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cortana.ai/api
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://cr.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://d.docs.live.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.o365filtering.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://designerapp.azurewebsites.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://designerappservice.officeapps.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://dev0-api.acompli.net/autodetect
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://devnull.onenote.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://directory.services.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com/config/v1/Designer
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ecs.office.com/config/v2/Office
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://edge.skype.com/registrar/prod
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://edge.skype.com/rps
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Refresh/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Resolve/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/Search/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/StockHistory/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/ipcheck/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/Metadata/metadata.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/desktop/main.cshtml
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://enrichment.osi.office.net/OfficeEnrichment/web/view/web/main.cshtml
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://entitlement.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://entitlement.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://eur.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://excel.uservoice.com/forums/304936-excel-for-mobile-devices-tablets-phones-android
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://globaldisco.crm.dynamics.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.ppe.windows.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.ppe.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.windows.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://graph.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/pivots/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/api/telemetry
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?cp=remix3d
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/browse?secureurl=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=icons&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockimages&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsoftcontent?initpivot=stockvideos&premium=1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://hubblecontent.osi.office.net/contentsvc/microsofticon?
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ic3.teams.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://incidents.diagnostics.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://incidents.diagnosticssdf.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://inclient.store.office.com/gyro/client
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://inclient.store.office.com/gyro/clientstore
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Bing
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=ClipArt
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Facebook
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=OneDrive
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://insertmedia.bing.office.net/odc/insertmedia
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://invites.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/GetFreeformSpeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://lifecycle.office.com
Source: HxAccounts.exe, 0000000C.00000002.2547769814.00000214625F5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com
Source: HxAccounts.exe, 0000000C.00000002.2547769814.00000214625F5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.microsoftonline.com/organizations
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows-ppe.net/common/oauth2/authorize
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp, 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.local
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.local/
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.net/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/authorize
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://login.windows.net/common/oauth2/authorize
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://loki.delve.office.com/api/v1/configuration/officewin32/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://lookup.onenote.com/lookup/geolocation/v1
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://make.powerautomate.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://management.azure.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://management.azure.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messagebroker.mobile.m365.svc.cloud.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/setcampaignaction
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.action.office.com/setuseraction16
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.engagement.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.engagement.office.com/campaignmetadataaggregator
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.lifecycle.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.lifecycle.office.com/getcustommessage16
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://messaging.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://metadata.templates.cdn.office.net/client/log
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://mss.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://my.microsoftpersonalcontent.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ncus.contentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ncus.pagecontentsync.
Source: HxAccounts.exe, 0000000C.00000002.2544718905.0000021460213000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://nexus.officeapps.live.com
Source: HxAccounts.exe, 0000000C.00000002.2544718905.0000021460213000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://nexusrules.officeapps.live.comP#
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://o365auditrealtimeingestion.manage.office.com/api/userauditrecord
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ocos-office365-s2s.msedge.net/ab
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/stat/images/OneDriveUpsell.png
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSignUpUpsell
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://odc.officeapps.live.com/odc/xml?resource=OneDriveSyncClientUpsell
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ods-diagnostics-ppe.trafficmanager.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ofcrecsvcapi-int.azurewebsites.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officeapps.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officeci.azurewebsites.net/api/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officemobile.uservoice.com/forums/929800-office-app-ios-and-ipad-asks
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officepyservice.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officepyservice.office.net/service.functionality
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://officesetup.getmicrosoftkey.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ogma.osi.office.net/TradukoApi/api/v1.0/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officeentitiesupdated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://omex.cdn.office.net/addinclassifier/officesharedentitiesupdated
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com/about/download/?windows10SyncClientInstalled=false
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://onedrive.live.com/embed?
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://otelrules.azureedge.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://otelrules.svc.static.microsoft
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office.com/autosuggest/api/v1/init?cvid=
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/api/v1.0/me/Activities
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/autodiscover/autodiscover.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://outlook.office365.com/connectors
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://ovisualuiapp.azurewebsites.net/pbiagave/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/appshome.aspx?productgroup=Outlook
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/review/query
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pages.store.office.com/webapplandingpage.aspx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://partnerservices.getmicrosoftkey.com/PartnerProvisioning.svc/v1/subscriptions
Source: chromecache_228.2.dr, chromecache_173.2.dr	String found in binary or memory: https://pendo-static-5352587489443840.storage.googleapis.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pf.directory.live.com/profile/mine/WLX.Profiles.IC.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://portal.office.com/account/?ref=ClientMeControl
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://posarprodcssservice.accesscontrol.windows.net/v2/OAuth2-13
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerlift-frontdesk.acompli.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerlift.acompli.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://powerpoint.uservoice.com/forums/288952-powerpoint-for-ipad-iphone-ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://prod-global-autodetect.acompli.net/autodetect
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://prod.mds.office.com/mds/api/v1.0/clientmodeldirectory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://pushchannel.1drv.ms
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://r4.res.office365.com/footprintconfig/v1.7/scripts/fpconfig.json
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net/mro1cdnstorage/fonts/prod/4.40
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.cdn.office.net/polymer/models
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://res.getmicrosoftkey.com/api/redemptionevents
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://rpsticket.partnerservices.getmicrosoftkey.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://safelinks.protection.outlook.com/api/GetPolicy
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://service.officepy.microsoftusercontent.com/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://service.powerapps.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://settings.outlook.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://shell.suite.office.com:1443
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://skyapi.live.net/Activity/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://sr.outlook.office.net/ws/speech/recognize/assistant/work
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://staging.cortana.ai
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://storage.live.com/clientlogs/uploadlocation
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://store.office.cn/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://store.office.de/addinstemplate
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/Notes-Internal.ReadWrite
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/search/api/v1/SearchHistory
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://substrate.office.com/search/api/v2/init
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://tasks.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://templatesmetadata.office.net/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.cdn.office.net/mirrored/smartlookup/current/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.desktop.html
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://uci.officeapps.live.com/OfficeInsights/web/views/insights.immersive.html
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://useraudit.o365auditrealtimeingestion.manage.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://visio.uservoice.com/forums/368202-visio-on-devices
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://web.microsoftstream.com/video/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://webshell.suite.office.com
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://word-edit.officeapps.live.com/we/rrdiscovery.ashx
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://wus2.contentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://wus2.pagecontentsync.
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.bingapis.com/api/v7/urlpreview/search?appid=E93048236FE27D972F67C5AF722136866DF65FA2
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.odwebp.svc.ms
Source: 3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	String found in binary or memory: https://www.yammer.com
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com/https://login.windows.net
Source: HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com50

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50131 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 50165 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 50061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 50095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50155 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 50038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 50143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 50083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 50121 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50106
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50105
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50108
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50107
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50109
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50100
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50101
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50104
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50103
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50119
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50118
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50111
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50110
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50113
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50112
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50114
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50128
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50127
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50129
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50120
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 50093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50122
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50121
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50124
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50123
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50126
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50125
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50106 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50061
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50062
Source: unknown	Network traffic detected: HTTP traffic on port 50102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50065
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50069
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50074
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50073
Source: unknown	Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50077
Source: unknown	Network traffic detected: HTTP traffic on port 50114 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50081
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50084
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50086
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50088
Source: unknown	Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50092
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50091
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50094
Source: unknown	Network traffic detected: HTTP traffic on port 50136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50096
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50095
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 50090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 50161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 50138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50038
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50037
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 50104 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50046
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 50126 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50122 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50134 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50098
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50097
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50099
Source: unknown	Network traffic detected: HTTP traffic on port 50112 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 50087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50124 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50146 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50097 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50154 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49789 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:49990 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49991 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.4:50145 version: TLS 1.2

Source: classification engine

Classification label: mal52.win@19/152@60/20

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

File created: C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData

Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74"
Source: unknown	Process created: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
Source: unknown	Process created: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe" -ServerName:microsoft.windowslive.manageaccounts.AppXdbf3yp5apt3t7q877db3gnz5zqpf71zj.mca
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 --field-trial-handle=2200,i,531299270916665974,8411952519928180763,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: microsoft.applications.telemetry.windows.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msoimm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso40uiimm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso30imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.core.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.word.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso98imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso50imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mso98imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.model.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.storage.applicationdata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxcomm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.applicationmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositorycore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.networking.connectivity.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.networking.hostname.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.energy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rmclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rometadata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.view.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hxshared.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.viewmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: clipc.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: hxoutlook.resources.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: logoncli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.xaml.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mrmcorer.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositoryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: execmodelproxy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uiamanager.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.core.textinput.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: profext.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hx.mail.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: threadpoolwinrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.graphics.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: twinapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: office.ui.xaml.hxcalendar.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.remotedesktop.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winsta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.ui.xaml.controls.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.profile.systemid.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.system.profile.retailinfo.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msxml6.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: winrttracing.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.staterepositoryps.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: photometadatahandler.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ploptin.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: webservices.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userdataaccountapis.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: userdataplatformhelperutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: windows.accountscontrol.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: accountsrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: aphostclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Section loaded: uiautomationcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxoutlook.model.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: microsoft.applications.telemetry.windows.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso30imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mso20imm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vccorlib140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vcruntime140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msvcp140_app.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.xaml.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coremessaging.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: bcp47langs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dcomp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: twinapi.appcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wintypes.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.staterepositorycore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windowmanagementapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: textinputframework.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: inputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: propsys.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: coreuicomponents.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: ntmarta.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: onecoreuapcommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: office.ui.xaml.hxaccounts.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dxgi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: resourcepolicyclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.storage.applicationdata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxcomm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.applicationmodel.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.globalization.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: bcp47mrm.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d3d11.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d3d10warp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dxcore.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: d2d1.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dwrite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: textshaping.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: onecorecommonproxystub.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.networking.connectivity.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.networking.hostname.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.energy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: rmclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: rometadata.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: mrmcorer.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.staterepositoryclient.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.shell.servicehostbuilder.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: execmodelproxy.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uiamanager.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.core.textinput.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.immersive.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: dataexchange.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.accountscontrol.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: xmllite.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.security.authentication.web.core.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.ui.xaml.controls.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: vaultcli.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: directmanipulation.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: profext.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: winrttracing.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: hxoutlook.resources.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: msftedit.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: globinputhost.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windowscodecs.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: windows.graphics.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: wuceffects.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: threadpoolwinrt.dll	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Section loaded: uiautomationcore.dll	Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InProcServer32

Jump to behavior

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe

File opened: C:\Windows\SYSTEM32\msftedit.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Key opened: \REGISTRY\A\{bfc8b437-7efe-3d25-3410-9e9f0f2e4849}\LocalState\HKEY_CURRENT_USER\Software\Microsoft\Office Test\Special\PerfImm

Jump to behavior

Persistence and Installation Behavior

AI detected landing page (webpage, office document or email)

Source: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74

LLM: Page contains button: 'Preview or Download' Source: '1.5.pages.csv'

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 157
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 168	Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: Chrome Cache Entry: 157	Jump to dropped file

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: settings.dat.7.dr

Binary or memory string: VMware, Inc. VMware20,1NE

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	1 Browser Extensions	1 Process Injection	11 Masquerading	OS Credential Dumping	1 Security Software Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	1 DLL Side-Loading	1 DLL Side-Loading	1 Process Injection	LSASS Memory	12 System Information Discovery	Remote Desktop Protocol	Data from Removable Media	4 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 DLL Side-Loading	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	5 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74	0%	Virustotal		Browse
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74	100%	SlashNext	Credential Stealing type: Phishing & Social Engineering

Source	Detection	Scanner	Link
s-part-0017.t-0009.t-msedge.net	0%	Virustotal	Browse
0093b71e39a6.us-east-1.sdk.awswaf.com	0%	Virustotal	Browse
fastly-tls12-bam.nr-data.net	0%	Virustotal	Browse
sf-cv.sharefile.com	0%	Virustotal	Browse
js-agent.newrelic.com	0%	Virustotal	Browse
piletfeed-cdn.sharefile.io	0%	Virustotal	Browse
events.launchdarkly.com	0%	Virustotal	Browse
sf-renderx-us-east-1.sharefile.com	1%	Virustotal	Browse
s3-w.us-east-1.amazonaws.com	0%	Virustotal	Browse
api.ipify.org	0%	Virustotal	Browse
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
citrix-sharefile-content.customer.pendo.io	0%	Virustotal	Browse
85.204.107.34.bc.googleusercontent.com	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
o49063.ingest.sentry.io	0%	Virustotal	Browse
bam.nr-data.net	0%	Virustotal	Browse
0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	0%	Virustotal	Browse
sf-temp-us-east-1-production.s3.amazonaws.com	0%	Virustotal	Browse
citrix-sharefile-data.customer.pendo.io	0%	Virustotal	Browse
app.launchdarkly.com	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://shell.suite.office.com:1443	0%	URL Reputation	safe
https://designerapp.azurewebsites.net	0%	URL Reputation	safe
https://autodiscover-s.outlook.com/	0%	URL Reputation	safe
https://useraudit.o365auditrealtimeingestion.manage.office.com	0%	URL Reputation	safe
https://outlook.office365.com/connectors	0%	URL Reputation	safe
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr	0%	URL Reputation	safe
https://cdn.entity.	0%	URL Reputation	safe
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/	0%	URL Reputation	safe
https://rpsticket.partnerservices.getmicrosoftkey.com	0%	URL Reputation	safe
https://lookup.onenote.com/lookup/geolocation/v1	0%	URL Reputation	safe
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile	0%	URL Reputation	safe
https://api.aadrm.com/	0%	URL Reputation	safe
https://canary.designerapp.	0%	URL Reputation	safe
https://www.yammer.com	0%	URL Reputation	safe
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies	0%	URL Reputation	safe
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive	0%	URL Reputation	safe
https://cr.office.com	0%	URL Reputation	safe
https://messagebroker.mobile.m365.svc.cloud.microsoft	0%	URL Reputation	safe
https://edge.skype.com/registrar/prod	0%	URL Reputation	safe
https://res.getmicrosoftkey.com/api/redemptionevents	0%	URL Reputation	safe
https://tasks.office.com	0%	URL Reputation	safe
https://officeci.azurewebsites.net/api/	0%	URL Reputation	safe
https://store.office.cn/addinstemplate	0%	URL Reputation	safe
https://edge.skype.com/rps	0%	URL Reputation	safe
https://messaging.engagement.office.com/	0%	URL Reputation	safe
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech	0%	URL Reputation	safe
https://www.odwebp.svc.ms	0%	URL Reputation	safe
https://api.powerbi.com/v1.0/myorg/groups	0%	URL Reputation	safe
https://web.microsoftstream.com/video/	0%	URL Reputation	safe
https://api.addins.store.officeppe.com/addinstemplate	0%	URL Reputation	safe
https://graph.windows.net	0%	URL Reputation	safe
https://consent.config.office.com/consentcheckin/v1.0/consents	0%	URL Reputation	safe
https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices	0%	URL Reputation	safe
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json	0%	URL Reputation	safe
https://safelinks.protection.outlook.com/api/GetPolicy	0%	URL Reputation	safe
https://ncus.contentsync.	0%	URL Reputation	safe
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/	0%	URL Reputation	safe
http://weather.service.msn.com/data.aspx	0%	URL Reputation	safe
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios	0%	URL Reputation	safe
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml	0%	URL Reputation	safe
https://mss.office.com	0%	URL Reputation	safe
https://pushchannel.1drv.ms	0%	URL Reputation	safe
https://wus2.contentsync.	0%	URL Reputation	safe
https://clients.config.office.net/user/v1.0/ios	0%	URL Reputation	safe
https://api.addins.omex.office.net/api/addins/search	0%	URL Reputation	safe
https://outlook.office365.com/api/v1.0/me/Activities	0%	URL Reputation	safe
https://clients.config.office.net/user/v1.0/android/policies	0%	URL Reputation	safe
https://entitlement.diagnostics.office.com	0%	URL Reputation	safe
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js	0%	Virustotal		Browse
https://xsts.auth.xboxlive.com/https://login.windows.net	0%	Virustotal		Browse
https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ	0%	Virustotal		Browse
https://api.microsoftstream.com/api/	0%	Virustotal		Browse
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
fastly-tls12-bam.nr-data.net	162.247.243.29	true	false	0%, Virustotal, Browse	unknown
totalcanterbury0.sf-api.com	76.223.1.166	true	false		unknown
sf-renderx-us-east-1.sharefile.com	15.197.239.217	true	false	1%, Virustotal, Browse	unknown
0093b71e39a6.us-east-1.sdk.awswaf.com	13.32.121.41	true	false	0%, Virustotal, Browse	unknown
js-agent.newrelic.com	162.247.243.39	true	false	0%, Virustotal, Browse	unknown
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true	false	0%, Virustotal, Browse	unknown
events.launchdarkly.com	44.199.170.102	true	false	0%, Virustotal, Browse	unknown
sf-cv.sharefile.com	76.223.1.166	true	false	0%, Virustotal, Browse	unknown
piletfeed-cdn.sharefile.io	13.224.189.90	true	false	0%, Virustotal, Browse	unknown
totalcanterbury0.sharefile.com	13.248.193.251	true	false		unknown
0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	18.245.31.29	true	false	0%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	0%, Virustotal, Browse	unknown
s3-w.us-east-1.amazonaws.com	52.217.67.148	true	false	0%, Virustotal, Browse	unknown
51.138.111.34.bc.googleusercontent.com	34.111.138.51	true	false		unknown
o49063.ingest.sentry.io	34.120.195.249	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.186.100	true	false	0%, Virustotal, Browse	unknown
api.ipify.org	172.67.74.152	true	false	0%, Virustotal, Browse	unknown
85.204.107.34.bc.googleusercontent.com	34.107.204.85	true	false	0%, Virustotal, Browse	unknown
app.launchdarkly.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
citrix-sharefile-content.customer.pendo.io	unknown	unknown	false	0%, Virustotal, Browse	unknown
bam.nr-data.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
citrix-sharefile-data.customer.pendo.io	unknown	unknown	false	0%, Virustotal, Browse	unknown
sf-temp-us-east-1-production.s3.amazonaws.com	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-projects-pilet/2.0.29/package/dist/main.css	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-request-list-pilet/1.9.18/package/dist/index.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/d5a7899d41651404accd.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/2c61db7618456a4b4ea2.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dc-pilet/1.392.0/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/main.css	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/index.js	false	0%, Virustotal, Browse	unknown
https://totalcanterbury0.sharefile.com/bundles/5626aad50bfaf67fedc0.js	false		unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWADnkufXgGqv6M-p2xBSYIU/xBPyrN0M2r6IFxno71T0shlp-Qc.dom.json?sha256=OG9P3pymuWfB-ZaKqljhBPBaH2alktLkYBmVTjLKrSQ	false	0%, Virustotal, Browse	unknown
https://totalcanterbury0.sharefile.com/bundles/92fe442fb8f2d1f7093b.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-fileviewer-pilet/1.29.0/package/dist/index.js	false		unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js	false	0%, Virustotal, Browse	unknown
https://totalcanterbury0.sharefile.com/bundles/3aa33bb6fffd83a61c47.svg	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-package-pilet/0.37.12/package/dist/main.css	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-tenant-mgt-pilet/1.2.0/package/dist/main.css	false		unknown
https://totalcanterbury0.sharefile.com/bundles/d178f6eceb0126b1e292.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-task-aggregator-pilet/1.0.7/package/dist/index.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/c3b78c86faf44765071f.js	false		unknown
https://o49063.ingest.sentry.io/api/4506735163932672/envelope/?sentry_key=0be0069dd70d0ce2c63c650418f56fa6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/af15e31c70fab7cfd55c.woff2	false		unknown
https://bam.nr-data.net/events/1/fd14b65b5e?a=594432325&sa=1&v=1216.487a282&t=Unnamed%20Transaction&rst=37896&ck=1&ref=https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74	true		unknown
https://totalcanterbury0.sharefile.com/bundles/ba7dfd1a6326f1b75478.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/5be3ba1b444ac539eaf5.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-dynamic-forms-pilet/1.25.0/package/dist/402b74053d26323596b3.woff2	false		unknown
https://0093b71e39a6.11de9b12.us-east-1.token.awswaf.com/0093b71e39a6/478ed03bbf12/telemetry	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-integrations-pilet/0.0.175/package/dist/main.css	false		unknown
https://sf-cv.sharefile.com/service/contentviewer/eventpipeline/preview?r=eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..B2aVGXdwQELWM5zpldm8RA.D0SqzqVCoVEmm5nrmtYRUpSxdvbkV-kozB2t42aKeolSvyFtvpL4Cf-lc7ykmn3be3zVhmiD5nxrQgfbT-LEZmrye-Ik0Qk8jenFcr8YNFB4V8w8ullDnKE5g9LncYoUiiDzJVD6ljxN_jfPafXZdpzLi8P75TUzvPuB0I8nCuFP3iEizpTm8E-KLBnhvSnFpQbNMnoZfW6jU0nnOi63SWrV8LsRLHFAmUEVDhi0AEm7JOY-ooGhP-6DDALy9ojky8gslV_kRkPZ8vHXSBATUHP4V3ZIq2FvKiqQ1FPaGMmq9ofN4LMlsmq6Q9VZqtXy89BYadpZer4YyqWCP3D33Efd1YMn-mOILPlb5lJfHZvCV4qe7g3zaZS60HDVR64QSCVQnQnGB4ge-149oY2CAKYx6iANfCOXmZDXzLdgUihGleEYEPr5TNRr1SKTiow7.oii1bhU1Lby7x5CKv1nKlQ	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-threatalert-mgt-pilet/1.14.0/package/dist/citrite-citrix-ui.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/2efeefafc2bb68a97d33.js	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/main.css	false		unknown
https://totalcanterbury0.sharefile.com/bundles/102a12cf4db82175eb4a.js	false		unknown
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74	true		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-entitlements-pilet/0.1.54/package/dist/index.js	false		unknown
https://totalcanterbury0.sharefile.com/bundles/pdfworker.71b2fed3d97c2433b14536a2de71ac7a.js	false		unknown
https://totalcanterbury0.sf-api.com/sf/v3/Items/ContentViewer	false		unknown
https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-billing-pilet/0.1.121/package/dist/main.css	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://shell.suite.office.com:1443	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://designerapp.azurewebsites.net	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://autodiscover-s.outlook.com/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://useraudit.o365auditrealtimeingestion.manage.office.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://outlook.office365.com/connectors	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://insertmedia.bing.office.net/images/officeonlinecontent/browse?cp=Flickr	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://cdn.entity.	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/V1/GeospatialEndpoint/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://rpsticket.partnerservices.getmicrosoftkey.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://lookup.onenote.com/lookup/geolocation/v1	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://syncservice.protection.outlook.com/PolicySync/PolicySync.svc/SyncFile	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://xsts.auth.xboxlive.com/https://login.windows.net	HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	false	0%, Virustotal, Browse	unknown
https://api.aadrm.com/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://canary.designerapp.	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://www.yammer.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://dataservice.protection.outlook.com/PsorWebService/v1/ClientSyncFile/MipPolicies	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://api.microsoftstream.com/api/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	0%, Virustotal, Browse	unknown
https://insertmedia.bing.office.net/images/hosted?host=office&adlt=strict&hostType=Immersive	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://cr.office.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://messagebroker.mobile.m365.svc.cloud.microsoft	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://otelrules.svc.static.microsoft	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false		unknown
https://edge.skype.com/registrar/prod	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://agent.pendo.io/licenses	chromecache_228.2.dr, chromecache_173.2.dr	false		unknown
https://res.getmicrosoftkey.com/api/redemptionevents	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://tasks.office.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://officeci.azurewebsites.net/api/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://my.microsoftpersonalcontent.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false		unknown
https://store.office.cn/addinstemplate	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://edge.skype.com/rps	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://xsts.auth.xboxlive.com50	HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	false		unknown
https://messaging.engagement.office.com/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/u6RYL2wEa9xrpUJMTeOXl41AeJI/qrJmWAD	chromecache_169.2.dr	false		unknown
https://nam.learningtools.onenote.com/learningtoolsapi/v2.0/getfreeformspeech	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://www.odwebp.svc.ms	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://api.powerbi.com/v1.0/myorg/groups	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://web.microsoftstream.com/video/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://api.addins.store.officeppe.com/addinstemplate	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/DGXiXepNeRvpgcvqVVwgerMyl9c/FzHL74W	chromecache_169.2.dr	false		unknown
https://graph.windows.net	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://citrix-sharefile-content.customer.pendo.io/guide-content/freMllnYvBAwsP7Q8plLkQuQk9o/iIvmdJJ	chromecache_169.2.dr	false		unknown
https://consent.config.office.com/consentcheckin/v1.0/consents	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://learningtools.onenote.com/learningtoolsapi/v2.0/Getvoices	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://pf.directory.live.com/profile/mine/System.ShortCircuitProfile.json	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://d.docs.live.net	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false		unknown
https://safelinks.protection.outlook.com/api/GetPolicy	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://ncus.contentsync.	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://webdir.online.lync.com/autodiscover/autodiscoverservice.svc/root/	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
http://weather.service.msn.com/data.aspx	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://word.uservoice.com/forums/304948-word-for-ipad-iphone-ios	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://mss.office.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://pushchannel.1drv.ms	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://wus2.contentsync.	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://clients.config.office.net/user/v1.0/ios	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://api.addins.omex.office.net/api/addins/search	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://xsts.auth.xboxlive.com	HxAccounts.exe, 0000000C.00000002.2548308478.000002146747E000.00000004.00000020.00020000.00000000.sdmp	false		unknown
https://outlook.office365.com/api/v1.0/me/Activities	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://clients.config.office.net/user/v1.0/android/policies	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown
https://entitlement.diagnostics.office.com	3B28D87C-1702-4267-8E30-2F7FAA6BA453.7.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.224.189.108	unknown	United States	16509	AMAZON-02US	false
44.199.170.102	events.launchdarkly.com	United States	14618	AMAZON-AESUS	false
13.248.193.251	totalcanterbury0.sharefile.com	United States	16509	AMAZON-02US	false
52.217.67.148	s3-w.us-east-1.amazonaws.com	United States	16509	AMAZON-02US	false
15.197.239.217	sf-renderx-us-east-1.sharefile.com	United States	7430	TANDEMUS	false
162.247.243.39	js-agent.newrelic.com	United States	13335	CLOUDFLARENETUS	false
34.107.204.85	85.204.107.34.bc.googleusercontent.com	United States	15169	GOOGLEUS	false
104.26.12.205	unknown	United States	13335	CLOUDFLARENETUS	false
13.32.121.41	0093b71e39a6.us-east-1.sdk.awswaf.com	United States	16509	AMAZON-02US	false
18.245.31.22	unknown	United States	16509	AMAZON-02US	false
34.111.138.51	51.138.111.34.bc.googleusercontent.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
18.245.31.29	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	United States	16509	AMAZON-02US	false
13.224.189.90	piletfeed-cdn.sharefile.io	United States	16509	AMAZON-02US	false
162.247.243.29	fastly-tls12-bam.nr-data.net	United States	13335	CLOUDFLARENETUS	false
142.250.186.100	www.google.com	United States	15169	GOOGLEUS	false
76.223.1.166	totalcanterbury0.sf-api.com	United States	16509	AMAZON-02US	false
34.120.195.249	o49063.ingest.sentry.io	United States	15169	GOOGLEUS	false
172.67.74.152	api.ipify.org	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1532896
Start date and time:	2024-10-14 05:47:09 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 26s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	14
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal52.win@19/152@60/20
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, HxTsr.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.185.227, 142.250.185.238, 66.102.1.84, 34.104.35.123, 151.101.194.217, 151.101.66.217, 151.101.130.217, 151.101.2.217, 93.184.221.240, 192.229.221.95, 13.95.31.18, 40.69.42.241, 142.250.186.170, 142.250.186.138, 142.250.184.202, 142.250.185.106, 216.58.206.42, 172.217.16.202, 216.58.212.138, 172.217.18.10, 142.250.74.202, 216.58.206.74, 142.250.186.106, 142.250.185.202, 142.250.186.42, 142.250.185.138, 142.250.185.74, 142.250.185.234, 52.109.28.46, 13.107.5.88, 13.107.42.16, 51.104.136.2, 142.250.184.195, 20.73.194.208
Excluded domains from analysis (whitelisted): config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, otelrules.afd.azureedge.net, outlookmobile-office365-tas-msedge-net.e-0009.e-msedge.net, settings-prod-neu-2.northeurope.cloudapp.azure.com, clientservices.googleapis.com, e-0009.e-msedge.net, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, atm-settingsfe-prod-geo2.trafficmanager.net, config-edge-skype.l-0007.l-msedge.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, settings-prod-weu-2.westeurope.cloudapp.azure.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, officeclient.microsoft.com, l-0007.l-msedge.net, c3.shared.global.fastly.net, wu-b-net.trafficmanager.net, config.edge.skype.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ctldl.windowsupdate.com.delivery.microsoft.com, otelrules.azureedge.net, wu.ec.azureedge.net, prod.configsvc1.live.com.akadns.net, ctldl.window
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtOpenKey calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Input	Output
URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: gemini-1.5-flash	{ "text": "Total Property Services Canterbury Limited-PPE.pdf Details Name Total Property Services Canterbury Limited -PPE.pdf Size 99.48 KB Last updated 10/13/2024 8:03PM Report Abuse", "contains_trigger_text": false, "trigger_text": "", "prominent_button_name": "", "text_input_field_labels": ["unknown"], "pdf_icon_visible": true, "has_visible_qrcode": false, "has_visible_captcha": false, "has_urgent_text": false}

URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: gemini-1.5-flash	{ "text": "Total Property Services Canterbury Limited-PPE.pdf OneDrive You have received a document from Total Property Services Canterbury Limited This may contain private and/or sensitive data. Preview or Download Don't have an account with us? No registration is required to access this document. Thank you. OneDrive Team Note: If you have any concerns about the authenticity of this message please contact the original sender directly. Page 1 of 1 Details Name Total Property Services Canterbury Limited -PPE.pdf Size 99.48 KB Last updated 10/13/2024 8:03PM Report Abuse", "contains_trigger_text": true, "trigger_text": "Preview or Download", "prominent_button_name": "Download", "text_input_field_labels": [], "pdf_icon_visible": true, "has_visible_qrcode": false, "has_visible_captcha": false, "has_urgent_text": false}

URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: jbxai	{ "brands":["Adobe"], "text":"Total Property Services Canterbury Limited-PPE.pdf", "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: jbxai	{ "brands":["Adobe"], "text":"Total Property Services Canterbury Limited-PPE.pdf", "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: gemini-1.5-flash	{ "brands": []}
	{ "brands": []}
URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: jbxai	{ "brands":["OneDrive"], "text":"You have received a document from Total Property Services Canterbury Limited", "contains_trigger_text":true, "trigger_text":"You have received a document from Total Property Services Canterbury Limited", "prominent_button_name":"Preview or Download", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://totalcanterbury0.sharefile.com/share/view/034ada86e7d04d74 Model: gemini-1.5-flash	{ "brands": ["OneDrive"]}
	{ "brands": ["OneDrive"]}

Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsb.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\en-gb\locimages\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsymsl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Windows\Fonts\segoeuil.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\images\offsym.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe	Queries volume information: C:\Windows\Fonts\segoeuisl.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation	Jump to behavior
Source: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxAccounts.exe	Queries volume information: C:\Windows\Fonts\segmdl2.ttf VolumeInformation	Jump to behavior

Process:	C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	174859
Entropy (8bit):	5.29340861672341
Encrypted:	false
SSDEEP:	1536:Yi2XPRAqIbz41gwErLe7HW8bM/hMdcAZl1p5ihs7gXXSEIJROdYgo:rHe7HW8bM/FXfZfo
MD5:	0BA40C5B9056023BCC25D63C05129AB1
SHA1:	ABBACE7B37BA7C2D0D7618F486E2C6BAD862C8D4
SHA-256:	01DD4DCA9B277070963952EC3DAE28AA8812BB4F3F24CCFB8009048DD116BB95
SHA-512:	4DDE4C4BB6151B9B70FE6DD6BFC16E39F483331D8F4450A5BCCF7E972684335B67236F03C4CB9D33509F84888070506DB8A6574C32D87C0803B15E2B65F9C4D0
Malicious:	false
Reputation:	low
Preview:	<?xml version="1.0" encoding="utf-8"?>..<o:OfficeConfig xmlns:o="urn:schemas-microsoft-com:office:office">.. <o:services o:GenerationTime="2024-10-14T03:49:00">.. Build: 16.0.18204.40137-->.. <o:default>.. <o:ticket o:headerName="Authorization" o:headerValue="{}" />.. </o:default>.. <o:service o:name="Research">.. <o:url>https://word-edit.officeapps.live.com/we/rrdiscovery.ashx</o:url>.. </o:service>.. <o:service o:name="ORedir">.. <o:url>https://o15.officeredir.microsoft.com/r</o:url>.. </o:service>.. <o:service o:name="ORedirSSL">.. <o:url>https://o15.officeredir.microsoft.com/r</o:url>.. </o:service>.. <o:service o:name="ClViewClientHelpId" o:authentication="1">.. <o:url>https://[MAX.BaseHost]/client/results</o:url>.. <o:ticket o:policy="MBI_SSL_SHORT" o:idprovider="1" o:target="[MAX.AuthHost]" o:headerValue="Passport1.4 from-PP='{}&p='" />.. <o:ticket o:idprovider="3" o:headerValue="Bearer {}" o:resourceId="[

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (22063), with no line terminators
Category:	downloaded
Size (bytes):	22064
Entropy (8bit):	4.8654655187166815
Encrypted:	false
SSDEEP:	192:5OhzKJPKAzEf7PBVqxj2E6SgTIaFSgTId6jJi9NhKjUcSgTI5bSgTId6MfKKw3s6:HnKtxCQxwWHpEV+bi
MD5:	D2702DCFED567BCA070F8FC55EE3BBE6
SHA1:	13B0C79DBD613889BDD32D6234DAE9CAEAA3CE8C
SHA-256:	B530C482126F2B86447E3A7E6F9319C8FCCD071659A3BAF914E8C51589AEF220
SHA-512:	8EEF7953E5B4623BEB6A423CB05D675E881D6B761EB5B5B7A4DCE0778B5F016452F37F907EE401D7E291204980AA521EB6E58C6D17D9ED81B7B2A66AC0E2F6AC
Malicious:	false
Reputation:	low
URL:	https://citrix-sharefile-content.customer.pendo.io/guide-content/eWI7aCe5RTaQQM3QzyK1rqqWcVM/XNJ1F6ATudKnb82a7viL5T2TM6g/E7DHnb1hOIm90y1iNNrpyuqjzow.dom.json?sha256=tTDEghJvK4ZEfjp-b5MZyPzNBxZZo7r5FOjFFYmu8iA
Preview:	{"props":{"id":"pendo-base","data-layout":"tooltipBlank","class":"_pendo-step-container"},"type":"div","children":[{"css":[{"selector":"#pendo-close-guide-0978f7b0:hover","styles":{"color":"#D9D7D7"}},{"selector":"[data-pendo-poll-id=\"rxgstdttrrq\"]::placeholder","styles":{"color":"#999999FF"}},{"selector":"[data-pendo-poll-id=\"rxgstdttrrq\"]:focus","styles":{"outline":"none","box-shadow":"#00000080 0px 0px 2px 0px"}},{"selector":"#pendo-button-bca5c491:hover","styles":{"background":"rgba(73, 63, 185, 1)","border":"2px solid #493FB9","color":"#FFFFFF","font-weight":400,"border-radius":"8px"}},{"selector":"#pendo-button-799bec88:hover","styles":{"background":"rgba(73, 63, 185, 1)","border":"2px solid #FFFFFF","color":"#FFFFFF","font-weight":400,"border-radius":"8px"}},{"selector":"div[tabindex=-1]:focus","styles":{}}],"type":"style","props":{"type":"text/css","scoped":"scoped"}},{"props":{"id":"pendo-g-XNJ1F6ATudKnb82a7viL5T2TM6g","data-vertical-alignment":"Relative to Element","data-

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Oct 14, 2024 05:48:11.376091957 CEST	192.168.2.4	1.1.1.1	0x8724	Standard query (0)	totalcanterbury0.sharefile.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:11.376463890 CEST	192.168.2.4	1.1.1.1	0x5aa3	Standard query (0)	totalcanterbury0.sharefile.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:12.374286890 CEST	192.168.2.4	1.1.1.1	0x7758	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.374622107 CEST	192.168.2.4	1.1.1.1	0xc12d	Standard query (0)	www.google.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:12.894325972 CEST	192.168.2.4	1.1.1.1	0x4905	Standard query (0)	0093b71e39a6.us-east-1.sdk.awswaf.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.894587994 CEST	192.168.2.4	1.1.1.1	0x9e88	Standard query (0)	0093b71e39a6.us-east-1.sdk.awswaf.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:13.825790882 CEST	192.168.2.4	1.1.1.1	0xd21e	Standard query (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.826714039 CEST	192.168.2.4	1.1.1.1	0x4442	Standard query (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:13.915961027 CEST	192.168.2.4	1.1.1.1	0x7cd9	Standard query (0)	totalcanterbury0.sharefile.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.916055918 CEST	192.168.2.4	1.1.1.1	0x7dee	Standard query (0)	totalcanterbury0.sharefile.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:15.996404886 CEST	192.168.2.4	1.1.1.1	0xa6d8	Standard query (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:15.996504068 CEST	192.168.2.4	1.1.1.1	0xbe02	Standard query (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:17.613086939 CEST	192.168.2.4	1.1.1.1	0x5a30	Standard query (0)	app.launchdarkly.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.613188982 CEST	192.168.2.4	1.1.1.1	0x7efa	Standard query (0)	app.launchdarkly.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:17.850389957 CEST	192.168.2.4	1.1.1.1	0x5dd1	Standard query (0)	totalcanterbury0.sf-api.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.850960016 CEST	192.168.2.4	1.1.1.1	0xface	Standard query (0)	totalcanterbury0.sf-api.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:17.853274107 CEST	192.168.2.4	1.1.1.1	0x4d4f	Standard query (0)	citrix-sharefile-content.customer.pendo.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.853491068 CEST	192.168.2.4	1.1.1.1	0xe0a9	Standard query (0)	citrix-sharefile-content.customer.pendo.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:19.300292015 CEST	192.168.2.4	1.1.1.1	0xf8bd	Standard query (0)	piletfeed-cdn.sharefile.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:19.300740957 CEST	192.168.2.4	1.1.1.1	0x6fb9	Standard query (0)	piletfeed-cdn.sharefile.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:19.385840893 CEST	192.168.2.4	1.1.1.1	0xd239	Standard query (0)	o49063.ingest.sentry.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:19.386555910 CEST	192.168.2.4	1.1.1.1	0x92b7	Standard query (0)	o49063.ingest.sentry.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:20.631278992 CEST	192.168.2.4	1.1.1.1	0xfd92	Standard query (0)	totalcanterbury0.sf-api.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.632065058 CEST	192.168.2.4	1.1.1.1	0x49bf	Standard query (0)	totalcanterbury0.sf-api.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:20.664556980 CEST	192.168.2.4	1.1.1.1	0xbed2	Standard query (0)	citrix-sharefile-content.customer.pendo.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.665014982 CEST	192.168.2.4	1.1.1.1	0x4925	Standard query (0)	citrix-sharefile-content.customer.pendo.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:20.668181896 CEST	192.168.2.4	1.1.1.1	0xec0c	Standard query (0)	app.launchdarkly.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.668673992 CEST	192.168.2.4	1.1.1.1	0xa0a4	Standard query (0)	app.launchdarkly.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:20.684398890 CEST	192.168.2.4	1.1.1.1	0x9794	Standard query (0)	o49063.ingest.sentry.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.685003042 CEST	192.168.2.4	1.1.1.1	0x2c6a	Standard query (0)	o49063.ingest.sentry.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:22.775176048 CEST	192.168.2.4	1.1.1.1	0x2cb4	Standard query (0)	piletfeed-cdn.sharefile.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:22.775672913 CEST	192.168.2.4	1.1.1.1	0xa0	Standard query (0)	piletfeed-cdn.sharefile.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:38.043567896 CEST	192.168.2.4	1.1.1.1	0xa898	Standard query (0)	events.launchdarkly.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.043870926 CEST	192.168.2.4	1.1.1.1	0x53b9	Standard query (0)	events.launchdarkly.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:38.089683056 CEST	192.168.2.4	1.1.1.1	0x2435	Standard query (0)	js-agent.newrelic.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.090163946 CEST	192.168.2.4	1.1.1.1	0xbb93	Standard query (0)	js-agent.newrelic.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:39.240899086 CEST	192.168.2.4	1.1.1.1	0xda3e	Standard query (0)	js-agent.newrelic.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:39.241082907 CEST	192.168.2.4	1.1.1.1	0xdb5	Standard query (0)	js-agent.newrelic.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:39.647792101 CEST	192.168.2.4	1.1.1.1	0x3dad	Standard query (0)	bam.nr-data.net	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:39.647938013 CEST	192.168.2.4	1.1.1.1	0x5686	Standard query (0)	bam.nr-data.net	65	IN (0x0001)	false
Oct 14, 2024 05:48:39.967371941 CEST	192.168.2.4	1.1.1.1	0xf396	Standard query (0)	citrix-sharefile-data.customer.pendo.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:39.967510939 CEST	192.168.2.4	1.1.1.1	0x8640	Standard query (0)	citrix-sharefile-data.customer.pendo.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:40.291093111 CEST	192.168.2.4	1.1.1.1	0xe7bf	Standard query (0)	bam.nr-data.net	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:40.291194916 CEST	192.168.2.4	1.1.1.1	0xfa08	Standard query (0)	bam.nr-data.net	65	IN (0x0001)	false
Oct 14, 2024 05:48:40.722332954 CEST	192.168.2.4	1.1.1.1	0xb170	Standard query (0)	citrix-sharefile-data.customer.pendo.io	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:40.722850084 CEST	192.168.2.4	1.1.1.1	0x4a11	Standard query (0)	citrix-sharefile-data.customer.pendo.io	65	IN (0x0001)	false
Oct 14, 2024 05:48:43.483557940 CEST	192.168.2.4	1.1.1.1	0xc31f	Standard query (0)	sf-cv.sharefile.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:43.483709097 CEST	192.168.2.4	1.1.1.1	0xa66e	Standard query (0)	sf-cv.sharefile.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:45.350228071 CEST	192.168.2.4	1.1.1.1	0x6ef4	Standard query (0)	sf-cv.sharefile.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:45.350476027 CEST	192.168.2.4	1.1.1.1	0x73c1	Standard query (0)	sf-cv.sharefile.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:52.189245939 CEST	192.168.2.4	1.1.1.1	0xa563	Standard query (0)	api.ipify.org	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.189343929 CEST	192.168.2.4	1.1.1.1	0xf75d	Standard query (0)	api.ipify.org	65	IN (0x0001)	false
Oct 14, 2024 05:48:52.190037966 CEST	192.168.2.4	1.1.1.1	0x9465	Standard query (0)	sf-renderx-us-east-1.sharefile.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.190366030 CEST	192.168.2.4	1.1.1.1	0xbd2e	Standard query (0)	sf-renderx-us-east-1.sharefile.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:52.848382950 CEST	192.168.2.4	1.1.1.1	0xfd78	Standard query (0)	api.ipify.org	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.848474979 CEST	192.168.2.4	1.1.1.1	0xc2a3	Standard query (0)	api.ipify.org	65	IN (0x0001)	false
Oct 14, 2024 05:48:52.921392918 CEST	192.168.2.4	1.1.1.1	0xac09	Standard query (0)	sf-renderx-us-east-1.sharefile.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.921473026 CEST	192.168.2.4	1.1.1.1	0x8da6	Standard query (0)	sf-renderx-us-east-1.sharefile.com	65	IN (0x0001)	false
Oct 14, 2024 05:48:54.883419037 CEST	192.168.2.4	1.1.1.1	0xeb53	Standard query (0)	sf-temp-us-east-1-production.s3.amazonaws.com	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.883419037 CEST	192.168.2.4	1.1.1.1	0x3afb	Standard query (0)	sf-temp-us-east-1-production.s3.amazonaws.com	65	IN (0x0001)	false

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Oct 14, 2024 05:48:11.391043901 CEST	1.1.1.1	192.168.2.4	0x8724	No error (0)	totalcanterbury0.sharefile.com		13.248.193.251	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:11.391043901 CEST	1.1.1.1	192.168.2.4	0x8724	No error (0)	totalcanterbury0.sharefile.com		76.223.1.166	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.381604910 CEST	1.1.1.1	192.168.2.4	0x7758	No error (0)	www.google.com		142.250.186.100	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.381697893 CEST	1.1.1.1	192.168.2.4	0xc12d	No error (0)	www.google.com			65	IN (0x0001)	false
Oct 14, 2024 05:48:12.904112101 CEST	1.1.1.1	192.168.2.4	0x4905	No error (0)	0093b71e39a6.us-east-1.sdk.awswaf.com		13.32.121.41	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.904112101 CEST	1.1.1.1	192.168.2.4	0x4905	No error (0)	0093b71e39a6.us-east-1.sdk.awswaf.com		13.32.121.91	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.904112101 CEST	1.1.1.1	192.168.2.4	0x4905	No error (0)	0093b71e39a6.us-east-1.sdk.awswaf.com		13.32.121.3	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:12.904112101 CEST	1.1.1.1	192.168.2.4	0x4905	No error (0)	0093b71e39a6.us-east-1.sdk.awswaf.com		13.32.121.66	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.848254919 CEST	1.1.1.1	192.168.2.4	0xd21e	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.29	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.848254919 CEST	1.1.1.1	192.168.2.4	0xd21e	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.22	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.848254919 CEST	1.1.1.1	192.168.2.4	0xd21e	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.46	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.848254919 CEST	1.1.1.1	192.168.2.4	0xd21e	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.60	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.932507992 CEST	1.1.1.1	192.168.2.4	0x7cd9	No error (0)	totalcanterbury0.sharefile.com		76.223.1.166	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:13.932507992 CEST	1.1.1.1	192.168.2.4	0x7cd9	No error (0)	totalcanterbury0.sharefile.com		13.248.193.251	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:16.008039951 CEST	1.1.1.1	192.168.2.4	0xa6d8	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.22	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:16.008039951 CEST	1.1.1.1	192.168.2.4	0xa6d8	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.60	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:16.008039951 CEST	1.1.1.1	192.168.2.4	0xa6d8	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.29	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:16.008039951 CEST	1.1.1.1	192.168.2.4	0xa6d8	No error (0)	0093b71e39a6.11de9b12.us-east-1.token.awswaf.com		18.245.31.46	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.620434999 CEST	1.1.1.1	192.168.2.4	0x5a30	No error (0)	app.launchdarkly.com	c3.shared.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.620642900 CEST	1.1.1.1	192.168.2.4	0x7efa	No error (0)	app.launchdarkly.com	c3.shared.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.866717100 CEST	1.1.1.1	192.168.2.4	0x5dd1	No error (0)	totalcanterbury0.sf-api.com		76.223.1.166	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.866717100 CEST	1.1.1.1	192.168.2.4	0x5dd1	No error (0)	totalcanterbury0.sf-api.com		13.248.193.251	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.915965080 CEST	1.1.1.1	192.168.2.4	0x4d4f	No error (0)	citrix-sharefile-content.customer.pendo.io	5352587489443840-content.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.915965080 CEST	1.1.1.1	192.168.2.4	0x4d4f	No error (0)	5352587489443840-content.customer.pendo.io	cdn-cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.915965080 CEST	1.1.1.1	192.168.2.4	0x4d4f	No error (0)	cdn-cname.pendo.io	51.138.111.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.915965080 CEST	1.1.1.1	192.168.2.4	0x4d4f	No error (0)	51.138.111.34.bc.googleusercontent.com		34.111.138.51	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:17.925606966 CEST	1.1.1.1	192.168.2.4	0xe0a9	No error (0)	citrix-sharefile-content.customer.pendo.io	5352587489443840-content.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.925606966 CEST	1.1.1.1	192.168.2.4	0xe0a9	No error (0)	5352587489443840-content.customer.pendo.io	cdn-cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:17.925606966 CEST	1.1.1.1	192.168.2.4	0xe0a9	No error (0)	cdn-cname.pendo.io	51.138.111.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:19.311697006 CEST	1.1.1.1	192.168.2.4	0xf8bd	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.90	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:19.311697006 CEST	1.1.1.1	192.168.2.4	0xf8bd	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.115	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:19.311697006 CEST	1.1.1.1	192.168.2.4	0xf8bd	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.109	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:19.311697006 CEST	1.1.1.1	192.168.2.4	0xf8bd	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.108	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:19.407449961 CEST	1.1.1.1	192.168.2.4	0xd239	No error (0)	o49063.ingest.sentry.io		34.120.195.249	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.647341967 CEST	1.1.1.1	192.168.2.4	0xfd92	No error (0)	totalcanterbury0.sf-api.com		13.248.193.251	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.647341967 CEST	1.1.1.1	192.168.2.4	0xfd92	No error (0)	totalcanterbury0.sf-api.com		76.223.1.166	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.674981117 CEST	1.1.1.1	192.168.2.4	0xec0c	No error (0)	app.launchdarkly.com	c3.shared.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.676348925 CEST	1.1.1.1	192.168.2.4	0xa0a4	No error (0)	app.launchdarkly.com	c3.shared.global.fastly.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.691600084 CEST	1.1.1.1	192.168.2.4	0x9794	No error (0)	o49063.ingest.sentry.io		34.120.195.249	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:20.717607021 CEST	1.1.1.1	192.168.2.4	0x4925	No error (0)	citrix-sharefile-content.customer.pendo.io	5352587489443840-content.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.717607021 CEST	1.1.1.1	192.168.2.4	0x4925	No error (0)	5352587489443840-content.customer.pendo.io	cdn-cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.717607021 CEST	1.1.1.1	192.168.2.4	0x4925	No error (0)	cdn-cname.pendo.io	51.138.111.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.720369101 CEST	1.1.1.1	192.168.2.4	0xbed2	No error (0)	citrix-sharefile-content.customer.pendo.io	5352587489443840-content.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.720369101 CEST	1.1.1.1	192.168.2.4	0xbed2	No error (0)	5352587489443840-content.customer.pendo.io	cdn-cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.720369101 CEST	1.1.1.1	192.168.2.4	0xbed2	No error (0)	cdn-cname.pendo.io	51.138.111.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:20.720369101 CEST	1.1.1.1	192.168.2.4	0xbed2	No error (0)	51.138.111.34.bc.googleusercontent.com		34.111.138.51	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:22.782737017 CEST	1.1.1.1	192.168.2.4	0x2cb4	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.108	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:22.782737017 CEST	1.1.1.1	192.168.2.4	0x2cb4	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.90	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:22.782737017 CEST	1.1.1.1	192.168.2.4	0x2cb4	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.109	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:22.782737017 CEST	1.1.1.1	192.168.2.4	0x2cb4	No error (0)	piletfeed-cdn.sharefile.io		13.224.189.115	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:26.563491106 CEST	1.1.1.1	192.168.2.4	0xc8f5	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:26.563491106 CEST	1.1.1.1	192.168.2.4	0xc8f5	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		44.199.170.102	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		3.216.87.253	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		54.208.20.4	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		34.196.144.254	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		34.198.57.125	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		52.21.69.248	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		34.233.157.61	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.050383091 CEST	1.1.1.1	192.168.2.4	0xa898	No error (0)	events.launchdarkly.com		18.214.35.222	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.096539021 CEST	1.1.1.1	192.168.2.4	0x2435	No error (0)	js-agent.newrelic.com		162.247.243.39	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:38.976478100 CEST	1.1.1.1	192.168.2.4	0x4c31	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:38.976478100 CEST	1.1.1.1	192.168.2.4	0x4c31	No error (0)	fp2e7a.wpc.phicdn.net		192.229.221.95	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:39.247848988 CEST	1.1.1.1	192.168.2.4	0xda3e	No error (0)	js-agent.newrelic.com		162.247.243.39	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:39.655137062 CEST	1.1.1.1	192.168.2.4	0x3dad	No error (0)	bam.nr-data.net	bam.cell.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:39.655137062 CEST	1.1.1.1	192.168.2.4	0x3dad	No error (0)	bam.cell.nr-data.net	fastly-tls12-bam.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:39.655137062 CEST	1.1.1.1	192.168.2.4	0x3dad	No error (0)	fastly-tls12-bam.nr-data.net		162.247.243.29	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:39.655148029 CEST	1.1.1.1	192.168.2.4	0x5686	No error (0)	bam.nr-data.net	bam.cell.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:39.655148029 CEST	1.1.1.1	192.168.2.4	0x5686	No error (0)	bam.cell.nr-data.net	bam.nr-data.net.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.042184114 CEST	1.1.1.1	192.168.2.4	0x8640	No error (0)	citrix-sharefile-data.customer.pendo.io	5352587489443840-data.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.042184114 CEST	1.1.1.1	192.168.2.4	0x8640	No error (0)	5352587489443840-data.customer.pendo.io	cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.042184114 CEST	1.1.1.1	192.168.2.4	0x8640	No error (0)	cname.pendo.io	85.204.107.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.067569017 CEST	1.1.1.1	192.168.2.4	0xf396	No error (0)	citrix-sharefile-data.customer.pendo.io	5352587489443840-data.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.067569017 CEST	1.1.1.1	192.168.2.4	0xf396	No error (0)	5352587489443840-data.customer.pendo.io	cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.067569017 CEST	1.1.1.1	192.168.2.4	0xf396	No error (0)	cname.pendo.io	85.204.107.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.067569017 CEST	1.1.1.1	192.168.2.4	0xf396	No error (0)	85.204.107.34.bc.googleusercontent.com		34.107.204.85	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:40.297791004 CEST	1.1.1.1	192.168.2.4	0xe7bf	No error (0)	bam.nr-data.net	bam.cell.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.297791004 CEST	1.1.1.1	192.168.2.4	0xe7bf	No error (0)	bam.cell.nr-data.net	fastly-tls12-bam.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.297791004 CEST	1.1.1.1	192.168.2.4	0xe7bf	No error (0)	fastly-tls12-bam.nr-data.net		162.247.243.29	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:40.298898935 CEST	1.1.1.1	192.168.2.4	0xfa08	No error (0)	bam.nr-data.net	bam.cell.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.298898935 CEST	1.1.1.1	192.168.2.4	0xfa08	No error (0)	bam.cell.nr-data.net	fastly-tls12-bam.nr-data.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.729774952 CEST	1.1.1.1	192.168.2.4	0xb170	No error (0)	citrix-sharefile-data.customer.pendo.io	5352587489443840-data.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.729774952 CEST	1.1.1.1	192.168.2.4	0xb170	No error (0)	5352587489443840-data.customer.pendo.io	cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.729774952 CEST	1.1.1.1	192.168.2.4	0xb170	No error (0)	cname.pendo.io	85.204.107.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.729774952 CEST	1.1.1.1	192.168.2.4	0xb170	No error (0)	85.204.107.34.bc.googleusercontent.com		34.107.204.85	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:40.776577950 CEST	1.1.1.1	192.168.2.4	0x4a11	No error (0)	citrix-sharefile-data.customer.pendo.io	5352587489443840-data.customer.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.776577950 CEST	1.1.1.1	192.168.2.4	0x4a11	No error (0)	5352587489443840-data.customer.pendo.io	cname.pendo.io		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:40.776577950 CEST	1.1.1.1	192.168.2.4	0x4a11	No error (0)	cname.pendo.io	85.204.107.34.bc.googleusercontent.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:43.499989033 CEST	1.1.1.1	192.168.2.4	0xc31f	No error (0)	sf-cv.sharefile.com		76.223.1.166	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:43.499989033 CEST	1.1.1.1	192.168.2.4	0xc31f	No error (0)	sf-cv.sharefile.com		13.248.193.251	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:45.366162062 CEST	1.1.1.1	192.168.2.4	0x6ef4	No error (0)	sf-cv.sharefile.com		76.223.1.166	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:45.366162062 CEST	1.1.1.1	192.168.2.4	0x6ef4	No error (0)	sf-cv.sharefile.com		13.248.193.251	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.195828915 CEST	1.1.1.1	192.168.2.4	0xa563	No error (0)	api.ipify.org		172.67.74.152	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.195828915 CEST	1.1.1.1	192.168.2.4	0xa563	No error (0)	api.ipify.org		104.26.13.205	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.195828915 CEST	1.1.1.1	192.168.2.4	0xa563	No error (0)	api.ipify.org		104.26.12.205	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.196763039 CEST	1.1.1.1	192.168.2.4	0xf75d	No error (0)	api.ipify.org			65	IN (0x0001)	false
Oct 14, 2024 05:48:52.205964088 CEST	1.1.1.1	192.168.2.4	0x9465	No error (0)	sf-renderx-us-east-1.sharefile.com		15.197.239.217	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.205964088 CEST	1.1.1.1	192.168.2.4	0x9465	No error (0)	sf-renderx-us-east-1.sharefile.com		3.33.222.159	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.855469942 CEST	1.1.1.1	192.168.2.4	0xfd78	No error (0)	api.ipify.org		104.26.12.205	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.855469942 CEST	1.1.1.1	192.168.2.4	0xfd78	No error (0)	api.ipify.org		104.26.13.205	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.855469942 CEST	1.1.1.1	192.168.2.4	0xfd78	No error (0)	api.ipify.org		172.67.74.152	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.855556965 CEST	1.1.1.1	192.168.2.4	0xc2a3	No error (0)	api.ipify.org			65	IN (0x0001)	false
Oct 14, 2024 05:48:52.935807943 CEST	1.1.1.1	192.168.2.4	0xac09	No error (0)	sf-renderx-us-east-1.sharefile.com		15.197.239.217	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:52.935807943 CEST	1.1.1.1	192.168.2.4	0xac09	No error (0)	sf-renderx-us-east-1.sharefile.com		3.33.222.159	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.900509119 CEST	1.1.1.1	192.168.2.4	0x3afb	No error (0)	sf-temp-us-east-1-production.s3.amazonaws.com	s3-1-w.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:54.900509119 CEST	1.1.1.1	192.168.2.4	0x3afb	No error (0)	s3-1-w.amazonaws.com	s3-w.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	sf-temp-us-east-1-production.s3.amazonaws.com	s3-1-w.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-1-w.amazonaws.com	s3-w.us-east-1.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		52.217.67.148	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		3.5.25.50	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		3.5.0.21	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		52.217.73.212	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		3.5.0.185	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		52.217.226.1	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		52.217.125.129	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:48:54.913350105 CEST	1.1.1.1	192.168.2.4	0xeb53	No error (0)	s3-w.us-east-1.amazonaws.com		16.182.74.161	A (IP address)	IN (0x0001)	false
Oct 14, 2024 05:49:02.084700108 CEST	1.1.1.1	192.168.2.4	0x26b3	No error (0)	shed.dual-low.s-part-0017.t-0009.t-msedge.net	s-part-0017.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Oct 14, 2024 05:49:02.084700108 CEST	1.1.1.1	192.168.2.4	0x26b3	No error (0)	s-part-0017.t-0009.t-msedge.net		13.107.246.45	A (IP address)	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:12 UTC	706	OUT	GET /public/share/web-034ada86e7d04d74 HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:12 UTC	2435	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:12 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: close Set-Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/ Set-Cookie: AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/ Set-Cookie: AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/; SameSite=None; Secure Cache-Control: no-cache,no-store Content-Language: en Expires: -1 Pragma: no-cache Set-Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; path=/; secure; samesite=none; httponly Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block X-Frame-Options: DENY Content-Security-Policy: style-src 'self' 'unsafe-inline' https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com https://piletfeed-cdn.sharefile.io; script-src 'self' 'unsafe-inline' 'strict-dynamic' 'nonce-cXKM6NPc5ovDChYP2ZRsqA==' https://request.eprotect.vantivcnp.com https://consent.trustarc.com https://www.gstatic.com/recaptcha/ https://citrix-sharefile-content.customer.pendo.io https://citrix-sharefile-data.customer.pendo.io https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com https://payments.worldpay.com https://0093b71e39a6.us-east-1.sdk.awswaf.com/0093b71e39a6/478ed03bbf12/challenge.js; frame-ancestors 'none'; report-uri /api/cspviolation
2024-10-14 03:48:12 UTC	13949	IN	Data Raw: 37 61 31 63 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 74 69 74 6c 65 3e 53 68 61 72 65 46 69 6c 65 3c 2f 74 69 74 6c 65 3e 0a 0a 09 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6e 6f 6e 63 65 3d 22 63 58 4b 4d 36 4e 50 63 35 6f 76 44 43 68 59 50 32 5a 52 73 71 41 3d 3d 22 3e 0a 09 09 09 3b 77 69 6e 64 6f 77 2e 4e 52 45 55 4d 7c 7c 28 4e 52 45 55 4d 3d 7b 7d 29 3b 4e 52 45 55 4d 2e 69 6e 69 74 3d 7b 64 69 73 74 72 69 62 75 74 65 64 5f 74 72 61 63 69 6e 67 3a 7b 65 6e 61 62 6c 65 64 3a 74 72 75 65 7d 2c 70 72 69 76 61 63 79 3a 7b 63 6f Data Ascii: 7a1c<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml"><head><title>ShareFile</title><script type="text/javascript" nonce="cXKM6NPc5ovDChYP2ZRsqA==">;window.NREUM\|\|(NREUM={});NREUM.init={distributed_tracing:{enabled:true},privacy:{co
2024-10-14 03:48:12 UTC	16384	IN	Data Raw: 74 65 64 5f 74 72 61 63 69 6e 67 2e 63 6f 72 73 5f 75 73 65 5f 6e 65 77 72 65 6c 69 63 5f 68 65 61 64 65 72 21 3d 3d 21 31 7d 66 75 6e 63 74 69 6f 6e 20 70 28 29 7b 72 65 74 75 72 6e 22 69 6e 69 74 22 69 6e 20 4e 52 45 55 4d 26 26 22 64 69 73 74 72 69 62 75 74 65 64 5f 74 72 61 63 69 6e 67 22 69 6e 20 4e 52 45 55 4d 2e 69 6e 69 74 26 26 21 21 4e 52 45 55 4d 2e 69 6e 69 74 2e 64 69 73 74 72 69 62 75 74 65 64 5f 74 72 61 63 69 6e 67 2e 63 6f 72 73 5f 75 73 65 5f 74 72 61 63 65 63 6f 6e 74 65 78 74 5f 68 65 61 64 65 72 73 7d 76 61 72 20 6c 3d 74 28 32 38 29 2c 68 3d 74 28 31 38 29 3b 65 2e 65 78 70 6f 72 74 73 3d 7b 67 65 6e 65 72 61 74 65 54 72 61 63 65 50 61 79 6c 6f 61 64 3a 72 2c 73 68 6f 75 6c 64 47 65 6e 65 72 61 74 65 54 72 61 63 65 3a 73 7d 7d 2c 7b Data Ascii: ted_tracing.cors_use_newrelic_header!==!1}function p(){return"init"in NREUM&&"distributed_tracing"in NREUM.init&&!!NREUM.init.distributed_tracing.cors_use_tracecontext_headers}var l=t(28),h=t(18);e.exports={generateTracePayload:r,shouldGenerateTrace:s}},{
2024-10-14 03:48:12 UTC	935	IN	Data Raw: 3d 74 5b 63 5d 2c 61 28 73 29 7c 7c 28 74 5b 63 5d 3d 6e 28 73 2c 75 3f 63 2b 72 3a 72 2c 6f 2c 63 2c 69 29 29 7d 66 75 6e 63 74 69 6f 6e 20 73 28 6e 2c 72 2c 69 2c 61 29 7b 69 66 28 21 68 7c 7c 65 29 7b 76 61 72 20 73 3d 68 3b 68 3d 21 30 3b 74 72 79 7b 74 2e 65 6d 69 74 28 6e 2c 72 2c 69 2c 65 2c 61 29 7d 63 61 74 63 68 28 63 29 7b 6f 28 5b 63 2c 6e 2c 72 2c 69 5d 2c 74 29 7d 68 3d 73 7d 7d 72 65 74 75 72 6e 20 74 7c 7c 28 74 3d 75 29 2c 6e 2e 69 6e 50 6c 61 63 65 3d 72 2c 6e 2e 66 6c 61 67 3d 70 2c 6e 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 74 2c 65 29 7b 65 7c 7c 28 65 3d 75 29 3b 74 72 79 7b 65 2e 65 6d 69 74 28 22 69 6e 74 65 72 6e 61 6c 2d 65 72 72 6f 72 22 2c 74 29 7d 63 61 74 63 68 28 6e 29 7b 7d 7d 66 75 6e 63 74 69 6f 6e 20 69 28 74 2c 65 2c 6e 29 Data Ascii: =t[c],a(s)\|\|(t[c]=n(s,u?c+r:r,o,c,i))}function s(n,r,i,a){if(!h\|\|e){var s=h;h=!0;try{t.emit(n,r,i,e,a)}catch(c){o([c,n,r,i],t)}h=s}}return t\|\|(t=u),n.inPlace=r,n.flag=p,n}function o(t,e){e\|\|(e=u);try{e.emit("internal-error",t)}catch(n){}}function i(t,e,n)
2024-10-14 03:48:12 UTC	16384	IN	Data Raw: 37 66 66 30 0d 0a 6c 6f 61 64 65 72 22 2c 32 2c 31 37 2c 35 2c 33 2c 34 5d 29 3b 0a 09 09 3c 2f 73 63 72 69 70 74 3e 0a 09 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6e 6f 6e 63 65 3d 22 63 58 4b 4d 36 4e 50 63 35 6f 76 44 43 68 59 50 32 5a 52 73 71 41 3d 3d 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 30 30 39 33 62 37 31 65 33 39 61 36 2e 75 73 2d 65 61 73 74 2d 31 2e 73 64 6b 2e 61 77 73 77 61 66 2e 63 6f 6d 2f 30 30 39 33 62 37 31 65 33 39 61 36 2f 34 37 38 65 64 30 33 62 62 66 31 32 2f 63 68 61 6c 6c 65 6e 67 65 2e 6a 73 22 20 64 65 66 65 72 3e 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f Data Ascii: 7ff0loader",2,17,5,3,4]);</script><script type="text/javascript" nonce="cXKM6NPc5ovDChYP2ZRsqA==" src="https://0093b71e39a6.us-east-1.sdk.awswaf.com/0093b71e39a6/478ed03bbf12/challenge.js" defer></script><meta http-equiv="X-UA-Compatible" co
2024-10-14 03:48:12 UTC	16376	IN	Data Raw: 65 6c 61 79 2d 66 6f 72 2d 6e 65 77 2d 75 73 65 72 73 22 3a 74 72 75 65 2c 22 61 75 74 6f 2d 65 6e 61 62 6c 65 2d 77 6f 72 6b 73 70 61 63 65 2d 6e 65 77 2d 63 63 63 22 3a 66 61 6c 73 65 2c 22 75 73 65 2d 6e 65 77 2d 61 63 63 6f 75 6e 74 2d 69 6e 76 6f 69 63 65 2d 70 61 67 65 22 3a 74 72 75 65 2c 22 65 6e 61 62 6c 65 5f 68 69 70 61 61 5f 66 72 6f 6d 5f 73 65 74 74 69 6e 67 73 5f 6d 6d 66 33 22 3a 74 72 75 65 2c 22 61 69 65 6e 61 62 6c 65 71 6e 61 73 65 72 76 69 63 65 22 3a 66 61 6c 73 65 2c 22 64 69 73 61 62 6c 65 2d 63 6c 69 65 6e 74 2d 75 73 65 72 2d 65 64 69 74 22 3a 74 72 75 65 2c 22 77 65 62 61 70 70 2d 70 72 6f 73 70 65 63 74 2d 63 6c 69 65 6e 74 2d 69 6e 74 61 6b 65 2d 66 6f 72 6d 22 3a 66 61 6c 73 65 2c 22 63 72 65 64 69 74 2d 63 61 72 64 2d 65 78 Data Ascii: elay-for-new-users":true,"auto-enable-workspace-new-ccc":false,"use-new-account-invoice-page":true,"enable_hipaa_from_settings_mmf3":true,"aienableqnaservice":false,"disable-client-user-edit":true,"webapp-prospect-client-intake-form":false,"credit-card-ex
2024-10-14 03:48:12 UTC	16384	IN	Data Raw: 34 35 66 34 0d 0a 69 6f 6e 22 3a 30 2c 22 76 65 72 73 69 6f 6e 22 3a 36 7d 2c 22 77 6f 70 69 2d 65 64 69 74 2d 69 6e 2d 6e 65 77 2d 74 61 62 22 3a 7b 22 76 61 72 69 61 74 69 6f 6e 22 3a 30 2c 22 76 65 72 73 69 6f 6e 22 3a 34 36 7d 2c 22 65 6e 61 62 6c 65 2d 63 6f 6e 76 65 72 73 61 74 69 6f 6e 73 22 3a 7b 22 76 61 72 69 61 74 69 6f 6e 22 3a 30 2c 22 76 65 72 73 69 6f 6e 22 3a 32 30 7d 2c 22 61 6c 6c 6f 77 5f 74 66 61 5f 72 65 73 65 74 5f 62 79 5f 61 64 6d 69 6e 22 3a 7b 22 76 61 72 69 61 74 69 6f 6e 22 3a 30 2c 22 76 65 72 73 69 6f 6e 22 3a 36 7d 2c 22 57 65 62 41 70 70 43 73 70 48 65 61 64 65 72 55 70 64 61 74 65 73 22 3a 7b 22 76 61 72 69 61 74 69 6f 6e 22 3a 31 2c 22 76 65 72 73 69 6f 6e 22 3a 32 7d 2c 22 65 6e 61 62 6c 65 2d 72 65 63 65 6e 74 2d 73 65 Data Ascii: 45f4ion":0,"version":6},"wopi-edit-in-new-tab":{"variation":0,"version":46},"enable-conversations":{"variation":0,"version":20},"allow_tfa_reset_by_admin":{"variation":0,"version":6},"WebAppCspHeaderUpdates":{"variation":1,"version":2},"enable-recent-se
2024-10-14 03:48:12 UTC	16384	IN	Data Raw: 64 69 73 74 2f 69 6e 64 65 78 2e 6a 73 22 2c 22 63 75 73 74 6f 6d 22 3a 7b 22 72 65 71 75 69 72 65 64 46 65 61 74 75 72 65 46 6c 61 67 73 22 3a 7b 22 65 6e 61 62 6c 65 5f 6e 6f 74 69 66 69 63 61 74 69 6f 6e 5f 63 65 6e 74 65 72 5f 70 69 6c 65 74 22 3a 74 72 75 65 7d 2c 22 74 68 69 72 64 50 61 72 74 79 4c 69 63 65 6e 73 65 73 50 61 74 68 22 3a 22 64 69 73 74 2f 74 68 69 72 64 70 61 72 74 79 2e 74 78 74 22 2c 22 74 68 69 72 64 50 61 72 74 79 4c 69 63 65 6e 73 65 73 4c 69 6e 6b 22 3a 22 68 74 74 70 73 3a 2f 2f 70 69 6c 65 74 66 65 65 64 2d 63 64 6e 2e 73 68 61 72 65 66 69 6c 65 2e 69 6f 2f 73 68 61 72 65 66 69 6c 65 2d 77 65 62 2f 73 68 61 72 65 66 69 6c 65 64 65 76 2d 6e 6f 74 69 66 69 63 61 74 69 6f 6e 2d 63 65 6e 74 65 72 2f 30 2e 35 38 2e 30 2f 70 61 63 Data Ascii: dist/index.js","custom":{"requiredFeatureFlags":{"enable_notification_center_pilet":true},"thirdPartyLicensesPath":"dist/thirdparty.txt","thirdPartyLicensesLink":"https://piletfeed-cdn.sharefile.io/sharefile-web/sharefiledev-notification-center/0.58.0/pac
2024-10-14 03:48:12 UTC	212	IN	Data Raw: 63 65 0d 0a 65 6e 64 6f 2e 69 6f 2f 61 67 65 6e 74 2f 73 74 61 74 69 63 2f 37 34 62 30 37 33 33 36 2d 37 35 36 30 2d 34 35 66 63 2d 37 63 64 31 2d 39 35 30 33 32 61 37 38 34 64 35 32 2f 70 65 6e 64 6f 2e 6a 73 27 3b 0a 09 09 7a 3d 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 6e 29 5b 30 5d 3b 7a 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 79 2c 7a 29 3b 7d 29 28 77 69 6e 64 6f 77 2c 64 6f 63 75 6d 65 6e 74 2c 27 73 63 72 69 70 74 27 2c 27 70 65 6e 64 6f 27 29 3b 0a 20 20 20 20 20 20 20 20 3c 2f 73 63 72 69 70 74 3e 0a 3c 2f 62 6f 64 79 3e 0a 0a 3c 2f 68 74 6d 6c 3e 0a 0d 0a Data Ascii: ceendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js';z=e.getElementsByTagName(n)[0];z.parentNode.insertBefore(y,z);})(window,document,'script','pendo'); </script></body></html>
2024-10-14 03:48:12 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:12 UTC	1467	OUT	GET /css/spinner.css HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
2024-10-14 03:48:13 UTC	1415	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:12 GMT Content-Type: text/css Content-Length: 1247 Connection: close Set-Cookie: AWSALBTG=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/ Set-Cookie: AWSALBTGCORS=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/ Set-Cookie: AWSALBCORS=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp; Expires=Mon, 21 Oct 2024 03:48:12 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773a8c23df" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:13 UTC	1247	IN	Data Raw: 40 2d 77 65 62 6b 69 74 2d 6b 65 79 66 72 61 6d 65 73 20 6c 6f 61 64 69 6e 67 20 7b 0a 09 30 25 20 7b 0a 09 09 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 30 64 65 67 29 3b 0a 09 7d 0a 09 31 30 30 25 20 7b 0a 09 09 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 36 30 64 65 67 29 3b 0a 09 7d 0a 20 20 7d 0a 0a 20 20 40 6b 65 79 66 72 61 6d 65 73 20 6c 6f 61 64 69 6e 67 20 7b 0a 09 20 20 30 25 20 7b 0a 09 09 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 30 64 65 67 29 3b 0a 09 20 20 7d 0a 09 20 20 31 30 30 25 20 7b 0a 09 09 20 20 74 72 61 6e 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 36 30 64 65 67 29 3b 0a 09 20 20 7d 0a 20 20 7d 0a 0a 20 20 2e 6c 6f 61 64 69 6e 67 2d 69 6e 2d 70 72 6f 67 72 65 73 73 20 7b 0a 09 2d 77 65 62 6b Data Ascii: @-webkit-keyframes loading {0% {transform: rotate(0deg);}100% {transform: rotate(60deg);} } @keyframes loading { 0% { transform: rotate(0deg); } 100% { transform: rotate(60deg); } } .loading-in-progress {-webk

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:13 UTC	539	OUT	GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1 Host: 0093b71e39a6.us-east-1.sdk.awswaf.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:13 UTC	614	IN	HTTP/1.1 307 Temporary Redirect Server: CloudFront Date: Mon, 14 Oct 2024 03:48:13 GMT Content-Length: 0 Connection: close Access-Control-Allow-Headers: * Access-Control-Allow-Methods: * Access-Control-Allow-Origin: * Access-Control-Max-Age: 86400 Cache-Control: max-age=86400 Location: https://0093b71e39a6.11de9b12.us-east-1.token.awswaf.com/0093b71e39a6/478ed03bbf12/challenge.js X-Cache: FunctionGeneratedResponse from cloudfront Via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA60-P1 X-Amz-Cf-Id: gKxeEOuKCy9T20w0oTYGTwikcLVRQ8uHZzAwSC5cwgrsOhKaRWmFzA==

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:13 UTC	1475	OUT	GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: AWSALBTG=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALBTGCORS=vnGB6Hn28l1EEdBZlX9HYUucr333Ses3S4XSPaX9fwdSJ+0GuBeAQKTq0gu4fNN4URfh2snsdCcnG17rdaeDb19u3+3GVhclhYvlbTckR21BW2fHJeMh+TZMsMjlHdS5RSltDYU/R1dzQaJtl6sQyHSZjhVNXQd3RbDesBAv33af; AWSALB=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; AWSALBCORS=tjiH6Awzj251hL/ftlPghjzZVyBFSg1/VqfSdcisT/94ttoRPYW36EeUYLZQ/pqeabygfQZJo8XzU7BFtcUnI7PCDQljfxwbEPzyX9GP27DN+j7AXWRuJr03b8Rm; .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp
2024-10-14 03:48:13 UTC	1432	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:13 GMT Content-Type: application/javascript Content-Length: 4673944 Connection: close Set-Cookie: AWSALBTG=rDTfVsGQPzsHaG4DOJKyWD4Y46TiJLCh4c5BhvxnRFsaszBPzejA+a+bAmAI6MHyC7iK2blP8CU8JLU6R5qrgTF2GLG/WZL7I8hRPruPmzp7XFaJuQ44jXPjnq4Heo7bNbWRBxDDTTCife/DEf/ITrLQ9Gdhpf8rJFwaXjVX+Rqd; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/ Set-Cookie: AWSALBTGCORS=rDTfVsGQPzsHaG4DOJKyWD4Y46TiJLCh4c5BhvxnRFsaszBPzejA+a+bAmAI6MHyC7iK2blP8CU8JLU6R5qrgTF2GLG/WZL7I8hRPruPmzp7XFaJuQ44jXPjnq4Heo7bNbWRBxDDTTCife/DEf/ITrLQ9Gdhpf8rJFwaXjVX+Rqd; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=co6yzV9ccKj/xV/NzTPIho09CvfCd07s7MuU2swQffQiZDpkl5JPLFGFAqpTpvYGNekW3Ycy7NQGv6cP8iadhBq1h36ICY8BL5c/STdlgaIK77vSiqY0PXVRXGCt; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/ Set-Cookie: AWSALBCORS=co6yzV9ccKj/xV/NzTPIho09CvfCd07s7MuU2swQffQiZDpkl5JPLFGFAqpTpvYGNekW3Ycy7NQGv6cP8iadhBq1h36ICY8BL5c/STdlgaIK77vSiqY0PXVRXGCt; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773acb7698" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:13 UTC	8458	IN	Data Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 69 6e 64 65 78 2e 35 36 33 63 64 33 66 63 32 31 62 37 30 34 36 35 39 31 36 61 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 6e 2c 72 2c 6f 3d 7b 36 31 32 34 32 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 69 4e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 78 7d 2c 52 5f 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 79 7d 2c 45 56 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 45 7d 2c 65 7a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 7d 7d 29 3b 76 61 72 20 Data Ascii: /! For license information please see index.563cd3fc21b70465916a.js.LICENSE.txt /!function(){var e,t,n,r,o={61242:function(e,t,n){"use strict";n.d(t,{iN:function(){return x},R_:function(){return y},EV:function(){return E},ez:function(){return b}});var
2024-10-14 03:48:13 UTC	7926	IN	Data Raw: 61 72 28 22 2e 63 6f 6e 63 61 74 28 64 2c 22 29 22 29 7d 7d 29 29 2c 5b 69 2c 7a 28 72 2c 74 2c 7b 73 63 6f 70 65 3a 6e 75 6c 6c 3d 3d 6e 3f 76 6f 69 64 20 30 3a 6e 2e 73 63 6f 70 65 7d 29 5d 7d 2c 6a 3d 6e 28 38 34 31 30 29 2c 42 3d 28 30 2c 61 2e 5a 29 28 7b 7d 2c 75 29 2e 75 73 65 49 6e 73 65 72 74 69 6f 6e 45 66 66 65 63 74 2c 48 3d 42 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 72 65 74 75 72 6e 20 42 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 65 28 29 2c 74 28 29 7d 29 2c 6e 29 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 73 2e 75 73 65 4d 65 6d 6f 28 65 2c 6e 29 2c 28 30 2c 6a 2e 5a 29 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 28 21 30 29 7d 29 2c 6e 29 7d 2c 55 3d 76 6f 69 64 20 30 21 3d 3d 28 Data Ascii: ar(".concat(d,")")}})),[i,z(r,t,{scope:null==n?void 0:n.scope})]},j=n(8410),B=(0,a.Z)({},u).useInsertionEffect,H=B?function(e,t,n){return B((function(){return e(),t()}),n)}:function(e,t,n){s.useMemo(e,n),(0,j.Z)((function(){return t(!0)}),n)},U=void 0!==(
2024-10-14 03:48:13 UTC	16384	IN	Data Raw: 5f 6d 75 6c 74 69 5f 76 61 6c 75 65 5f 22 3b 66 75 6e 63 74 69 6f 6e 20 58 65 28 65 29 7b 72 65 74 75 72 6e 20 79 65 28 6a 65 28 65 29 2c 62 65 29 2e 72 65 70 6c 61 63 65 28 2f 5c 7b 25 25 25 5c 3a 5b 5e 3b 5d 3b 7d 2f 67 2c 22 3b 22 29 7d 76 61 72 20 4a 65 3d 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 76 61 72 20 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 7b 7d 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3a 7b 72 6f 6f 74 3a 21 30 2c 70 61 72 65 6e 74 53 65 6c 65 63 74 6f 72 73 3a 5b 5d 7d 2c 6c 3d 72 2e Data Ascii: _multi_value_";function Xe(e){return ye(je(e),be).replace(/\{%%%\:[^;];}/g,";")}var Je=function e(t){var n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{},r=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{root:!0,parentSelectors:[]},l=r.
2024-10-14 03:48:13 UTC	16384	IN	Data Raw: 2c 69 3d 7b 69 63 6f 6e 3a 7b 74 61 67 3a 22 73 76 67 22 2c 61 74 74 72 73 3a 7b 76 69 65 77 42 6f 78 3a 22 30 20 30 20 31 30 32 34 20 31 30 32 34 22 2c 66 6f 63 75 73 61 62 6c 65 3a 22 66 61 6c 73 65 22 7d 2c 63 68 69 6c 64 72 65 6e 3a 5b 7b 74 61 67 3a 22 70 61 74 68 22 2c 61 74 74 72 73 3a 7b 64 3a 22 4d 39 38 38 20 35 34 38 63 2d 31 39 2e 39 20 30 2d 33 36 2d 31 36 2e 31 2d 33 36 2d 33 36 20 30 2d 35 39 2e 34 2d 31 31 2e 36 2d 31 31 37 2d 33 34 2e 36 2d 31 37 31 2e 33 61 34 34 30 2e 34 35 20 34 34 30 2e 34 35 20 30 20 30 30 2d 39 34 2e 33 2d 31 33 39 2e 39 20 34 33 37 2e 37 31 20 34 33 37 2e 37 31 20 30 20 30 30 2d 31 33 39 2e 39 2d 39 34 2e 33 43 36 32 39 20 38 33 2e 36 20 35 37 31 2e 34 20 37 32 20 35 31 32 20 37 32 63 2d 31 39 2e 39 20 30 2d 33 36 Data Ascii: ,i={icon:{tag:"svg",attrs:{viewBox:"0 0 1024 1024",focusable:"false"},children:[{tag:"path",attrs:{d:"M988 548c-19.9 0-36-16.1-36-36 0-59.4-11.6-117-34.6-171.3a440.45 440.45 0 00-94.3-139.9 437.71 437.71 0 00-139.9-94.3C629 83.6 571.4 72 512 72c-19.9 0-36
2024-10-14 03:48:13 UTC	16384	IN	Data Raw: 2e 2e 22 29 2e 63 6f 6e 63 61 74 28 74 68 69 73 2e 5f 63 65 6c 6c 43 6f 75 6e 74 29 29 3b 69 66 28 65 3e 74 68 69 73 2e 5f 6c 61 73 74 4d 65 61 73 75 72 65 64 49 6e 64 65 78 29 66 6f 72 28 76 61 72 20 74 3d 74 68 69 73 2e 67 65 74 53 69 7a 65 41 6e 64 50 6f 73 69 74 69 6f 6e 4f 66 4c 61 73 74 4d 65 61 73 75 72 65 64 43 65 6c 6c 28 29 2c 6e 3d 74 2e 6f 66 66 73 65 74 2b 74 2e 73 69 7a 65 2c 72 3d 74 68 69 73 2e 5f 6c 61 73 74 4d 65 61 73 75 72 65 64 49 6e 64 65 78 2b 31 3b 72 3c 3d 65 3b 72 2b 2b 29 7b 76 61 72 20 6f 3d 74 68 69 73 2e 5f 63 65 6c 6c 53 69 7a 65 47 65 74 74 65 72 28 7b 69 6e 64 65 78 3a 72 7d 29 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 6f 7c 7c 69 73 4e 61 4e 28 6f 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 73 69 7a Data Ascii: ..").concat(this._cellCount));if(e>this._lastMeasuredIndex)for(var t=this.getSizeAndPositionOfLastMeasuredCell(),n=t.offset+t.size,r=this._lastMeasuredIndex+1;r<=e;r++){var o=this._cellSizeGetter({index:r});if(void 0===o\|\|isNaN(o))throw Error("Invalid siz
2024-10-14 03:48:13 UTC	16384	IN	Data Raw: 69 74 69 6f 6e 4d 61 6e 61 67 65 72 2c 70 72 65 76 69 6f 75 73 43 65 6c 6c 73 43 6f 75 6e 74 3a 65 2e 72 6f 77 43 6f 75 6e 74 2c 70 72 65 76 69 6f 75 73 43 65 6c 6c 53 69 7a 65 3a 65 2e 72 6f 77 48 65 69 67 68 74 2c 70 72 65 76 69 6f 75 73 53 63 72 6f 6c 6c 54 6f 41 6c 69 67 6e 6d 65 6e 74 3a 65 2e 73 63 72 6f 6c 6c 54 6f 41 6c 69 67 6e 6d 65 6e 74 2c 70 72 65 76 69 6f 75 73 53 63 72 6f 6c 6c 54 6f 49 6e 64 65 78 3a 65 2e 73 63 72 6f 6c 6c 54 6f 52 6f 77 2c 70 72 65 76 69 6f 75 73 53 69 7a 65 3a 65 2e 68 65 69 67 68 74 2c 73 63 72 6f 6c 6c 4f 66 66 73 65 74 3a 76 2c 73 63 72 6f 6c 6c 54 6f 41 6c 69 67 6e 6d 65 6e 74 3a 73 2c 73 63 72 6f 6c 6c 54 6f 49 6e 64 65 78 3a 64 2c 73 69 7a 65 3a 6c 2c 73 69 7a 65 4a 75 73 74 49 6e 63 72 65 61 73 65 64 46 72 6f 6d Data Ascii: itionManager,previousCellsCount:e.rowCount,previousCellSize:e.rowHeight,previousScrollToAlignment:e.scrollToAlignment,previousScrollToIndex:e.scrollToRow,previousSize:e.height,scrollOffset:v,scrollToAlignment:s,scrollToIndex:d,size:l,sizeJustIncreasedFrom
2024-10-14 03:48:13 UTC	16384	IN	Data Raw: 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 64 69 76 22 2c 7b 63 6c 61 73 73 4e 61 6d 65 3a 74 2c 6f 6e 4b 65 79 44 6f 77 6e 3a 74 68 69 73 2e 5f 6f 6e 4b 65 79 44 6f 77 6e 7d 2c 6e 28 7b 6f 6e 53 65 63 74 69 6f 6e 52 65 6e 64 65 72 65 64 3a 74 68 69 73 2e 5f 6f 6e 53 65 63 74 69 6f 6e 52 65 6e 64 65 72 65 64 2c 73 63 72 6f 6c 6c 54 6f 43 6f 6c 75 6d 6e 3a 6f 2c 73 63 72 6f 6c 6c 54 6f 52 6f 77 3a 69 7d 29 29 7d 7d 2c 7b 6b 65 79 3a 22 5f 67 65 74 53 63 72 6f 6c 6c 53 74 61 74 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 70 72 6f 70 73 2e 69 73 43 6f 6e 74 72 6f 6c 6c 65 64 3f 74 68 69 73 2e 70 72 6f 70 73 3a 74 68 69 73 2e 73 74 61 74 65 7d 7d 2c 7b 6b 65 79 3a 22 5f 75 70 64 61 74 65 53 63 72 6f 6c Data Ascii: .createElement("div",{className:t,onKeyDown:this._onKeyDown},n({onSectionRendered:this._onSectionRendered,scrollToColumn:o,scrollToRow:i}))}},{key:"_getScrollState",value:function(){return this.props.isControlled?this.props:this.state}},{key:"_updateScrol
2024-10-14 03:48:13 UTC	16384	IN	Data Raw: 75 6e 74 7c 7c 30 3d 3d 3d 74 2e 73 63 72 6f 6c 6c 4c 65 66 74 26 26 30 3d 3d 3d 74 2e 73 63 72 6f 6c 6c 54 6f 70 3f 65 2e 73 63 72 6f 6c 6c 4c 65 66 74 21 3d 3d 74 2e 73 63 72 6f 6c 6c 4c 65 66 74 7c 7c 65 2e 73 63 72 6f 6c 6c 54 6f 70 21 3d 3d 74 2e 73 63 72 6f 6c 6c 54 6f 70 3f 7b 73 63 72 6f 6c 6c 4c 65 66 74 3a 6e 75 6c 6c 21 3d 65 2e 73 63 72 6f 6c 6c 4c 65 66 74 3f 65 2e 73 63 72 6f 6c 6c 4c 65 66 74 3a 74 2e 73 63 72 6f 6c 6c 4c 65 66 74 2c 73 63 72 6f 6c 6c 54 6f 70 3a 6e 75 6c 6c 21 3d 65 2e 73 63 72 6f 6c 6c 54 6f 70 3f 65 2e 73 63 72 6f 6c 6c 54 6f 70 3a 74 2e 73 63 72 6f 6c 6c 54 6f 70 2c 73 63 72 6f 6c 6c 50 6f 73 69 74 69 6f 6e 43 68 61 6e 67 65 52 65 61 73 6f 6e 3a 52 65 7d 3a 6e 75 6c 6c 3a 7b 73 63 72 6f 6c 6c 4c 65 66 74 3a 30 2c 73 63 Data Ascii: unt\|\|0===t.scrollLeft&&0===t.scrollTop?e.scrollLeft!==t.scrollLeft\|\|e.scrollTop!==t.scrollTop?{scrollLeft:null!=e.scrollLeft?e.scrollLeft:t.scrollLeft,scrollTop:null!=e.scrollTop?e.scrollTop:t.scrollTop,scrollPositionChangeReason:Re}:null:{scrollLeft:0,sc
2024-10-14 03:48:14 UTC	16384	IN	Data Raw: 75 72 6e 20 74 68 69 73 2e 72 69 67 68 74 3f 34 2a 28 74 68 69 73 2e 6c 65 66 74 3f 74 68 69 73 2e 6c 65 66 74 2e 63 6f 75 6e 74 3a 30 29 3e 33 2a 28 74 2d 31 29 3f 51 65 28 74 68 69 73 2c 65 29 3a 32 3d 3d 3d 28 69 3d 74 68 69 73 2e 72 69 67 68 74 2e 72 65 6d 6f 76 65 28 65 29 29 3f 28 74 68 69 73 2e 72 69 67 68 74 3d 6e 75 6c 6c 2c 74 68 69 73 2e 63 6f 75 6e 74 2d 3d 31 2c 31 29 3a 28 31 3d 3d 3d 69 26 26 28 74 68 69 73 2e 63 6f 75 6e 74 2d 3d 31 29 2c 69 29 3a 30 3b 69 66 28 31 3d 3d 3d 74 68 69 73 2e 63 6f 75 6e 74 29 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 65 66 74 50 6f 69 6e 74 73 5b 30 5d 3d 3d 3d 65 3f 32 3a 30 3b 69 66 28 31 3d 3d 3d 74 68 69 73 2e 6c 65 66 74 50 6f 69 6e 74 73 2e 6c 65 6e 67 74 68 26 26 74 68 69 73 2e 6c 65 66 74 50 6f 69 6e 74 Data Ascii: urn this.right?4(this.left?this.left.count:0)>3(t-1)?Qe(this,e):2===(i=this.right.remove(e))?(this.right=null,this.count-=1,1):(1===i&&(this.count-=1),i):0;if(1===this.count)return this.leftPoints[0]===e?2:0;if(1===this.leftPoints.length&&this.leftPoint
2024-10-14 03:48:14 UTC	16384	IN	Data Raw: 2c 73 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 6f 2d 6c 29 3b 74 68 69 73 2e 5f 62 6f 74 74 6f 6d 4c 65 66 74 47 72 69 64 26 26 74 68 69 73 2e 5f 62 6f 74 74 6f 6d 4c 65 66 74 47 72 69 64 2e 72 65 63 6f 6d 70 75 74 65 47 72 69 64 53 69 7a 65 28 7b 63 6f 6c 75 6d 6e 49 6e 64 65 78 3a 6e 2c 72 6f 77 49 6e 64 65 78 3a 73 7d 29 2c 74 68 69 73 2e 5f 62 6f 74 74 6f 6d 52 69 67 68 74 47 72 69 64 26 26 74 68 69 73 2e 5f 62 6f 74 74 6f 6d 52 69 67 68 74 47 72 69 64 2e 72 65 63 6f 6d 70 75 74 65 47 72 69 64 53 69 7a 65 28 7b 63 6f 6c 75 6d 6e 49 6e 64 65 78 3a 63 2c 72 6f 77 49 6e 64 65 78 3a 73 7d 29 2c 74 68 69 73 2e 5f 74 6f 70 4c 65 66 74 47 72 69 64 26 26 74 68 69 73 2e 5f 74 6f 70 4c 65 66 74 47 72 69 64 2e 72 65 63 6f 6d 70 75 74 65 47 72 69 64 53 69 7a 65 28 7b Data Ascii: ,s=Math.max(0,o-l);this._bottomLeftGrid&&this._bottomLeftGrid.recomputeGridSize({columnIndex:n,rowIndex:s}),this._bottomRightGrid&&this._bottomRightGrid.recomputeGridSize({columnIndex:c,rowIndex:s}),this._topLeftGrid&&this._topLeftGrid.recomputeGridSize({

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:13 UTC	1513	OUT	GET /css/sharefilebrand/sf-spinner.svg HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://totalcanterbury0.sharefile.com/css/spinner.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALBTGCORS=V63Kyi9qbiTNPbbmUHgYubefu+DkNZJ+Cx1JSM9SN+BmmkRFTvs05vTndnzjzcsZhPlqPI1zZjOv1RKMPk7Fq6GE6DvPzGCzVVeI8Ud7EXrv0UWapY4luLapNTEy5qQETscsnwCFA0itiTu1F330yMpQn09rAqoqvzxLvO9mRvWQ; AWSALB=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp; AWSALBCORS=5CJUtX80uyB/4BHOKHiHArPpaDgzUMXIuyeYcvi31TnExGf9/kkGw9LN8NZ79u4IGn6B6UQ/uPx1i2wGZIUJGj/Ghyr7jfClUpgnRHFXsifR+jSXHqeuCJDeIKsp
2024-10-14 03:48:13 UTC	1419	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:13 GMT Content-Type: image/svg+xml Content-Length: 872 Connection: close Set-Cookie: AWSALBTG=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/ Set-Cookie: AWSALBTGCORS=VhI/ZzXIc3J22GtaE0HRNdMiOLNDtE0BRwiCDXE1uHgZpYf+dM9n5W77ebr9rYue6gTs7kLH/DY7eoN5FugixpVWFsbS3yqWoQ8HhXTNGVUstPczcS89WqwpU+XveQFAkIF3eR5KkyXL6E3PDqGZ/6w/jW8u+3bpnCRxZvXDWDz3; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/ Set-Cookie: AWSALBCORS=41TfdFr+TK2ZaXcQIsPmh8kjZ6ZxlkodM96lApiGnlUSye7ajF8LIHsiX+P8YnCIq398ta/YUgOJzrB8wsY9sst7UE06GFYqcYBFFzaQzSIgxBsisGOkvj+5iI5o; Expires=Mon, 21 Oct 2024 03:48:13 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773a8c2468" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:13 UTC	872	IN	Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0a 3c 73 76 67 0a 09 77 69 64 74 68 3d 22 31 65 6d 22 0a 09 68 65 69 67 68 74 3d 22 31 65 6d 22 0a 09 66 69 6c 6c 3d 22 63 75 72 72 65 6e 74 43 6f 6c 6f 72 22 0a 09 76 69 65 77 42 6f 78 3d 22 30 20 30 20 32 30 38 20 32 34 30 22 0a 09 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 0a 3e 0a 09 3c 70 61 74 68 20 64 3d 22 4d 39 38 2e 37 35 37 37 20 31 36 32 2e 39 38 34 4c 36 36 2e 36 39 37 31 20 32 31 38 2e 35 31 34 4c 35 33 2e 36 34 39 31 20 32 31 30 2e 39 37 33 4c 35 31 2e 39 37 31 35 20 32 31 30 2e 30 30 37 4c 36 39 2e 32 38 39 37 20 31 38 30 2e 30 31 34 48 30 56 31 36 32 2e 39 38 34 48 39 Data Ascii: <?xml version="1.0" encoding="UTF-8"?><svgwidth="1em"height="1em"fill="currentColor"viewBox="0 0 208 240"xmlns="http://www.w3.org/2000/svg"><path d="M98.7577 162.984L66.6971 218.514L53.6491 210.973L51.9715 210.007L69.2897 180.014H0V162.984H9

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:14 UTC	550	OUT	GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1 Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:15 UTC	596	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 1096693 Connection: close Vary: Accept-Encoding Date: Mon, 14 Oct 2024 03:48:14 GMT cache-control: private, max-age=86400, stale-while-revalidate=604800 last-modified: Mon, 14 Oct 2024 03:48:14 +0000 pragma: no-cache expires: 0 x-amzn-waf-challenge-id: Root=1-670c947e-2bb9548855ae18a15811b323 X-Cache: Miss from cloudfront Via: 1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: mmM-yI628eyrzYO2KG-fzO206agWmv3nWHktfUBo4EspAi0PINmzMw==
2024-10-14 03:48:15 UTC	15788	IN	Data Raw: 76 61 72 20 61 30 5f 30 78 32 66 38 37 3d 5b 27 6e 6f 6e 52 65 70 75 64 69 61 74 69 6f 6e 27 2c 27 50 55 42 4c 49 43 5c 78 32 30 4b 45 59 27 2c 27 6b 65 79 27 2c 27 65 6e 63 72 79 70 74 69 6f 6e 50 61 72 61 6d 73 27 2c 27 31 56 68 4f 52 54 4b 27 2c 27 32 34 38 37 32 69 63 63 59 6e 71 27 2c 27 43 6f 6d 6d 65 6e 74 3a 5c 78 32 30 27 2c 27 74 6f 74 61 6c 46 6f 63 75 73 54 69 6d 65 27 2c 27 63 6c 6f 73 65 5f 6e 6f 74 69 66 79 27 2c 27 63 72 63 43 61 6c 63 75 6c 61 74 6f 72 27 2c 27 67 65 74 43 69 70 68 65 72 53 75 69 74 65 27 2c 27 44 6f 4e 6f 74 54 72 61 63 6b 43 6f 6c 6c 65 63 74 6f 72 27 2c 27 66 69 72 73 74 43 68 69 6c 64 27 2c 27 43 6f 75 6c 64 5c 78 32 30 6e 6f 74 5c 78 32 30 61 64 64 5c 78 32 30 50 4b 43 53 23 37 5c 78 32 30 73 69 67 6e 65 72 3b 5c 78 Data Ascii: var a0_0x2f87=['nonRepudiation','PUBLIC\x20KEY','key','encryptionParams','1VhORTK','24872iccYnq','Comment:\x20','totalFocusTime','close_notify','crcCalculator','getCipherSuite','DoNotTrackCollector','firstChild','Could\x20not\x20add\x20PKCS#7\x20signer;\x
2024-10-14 03:48:15 UTC	10732	IN	Data Raw: 45 6c 65 6d 65 6e 74 54 65 6c 65 6d 65 74 72 79 43 6f 6c 6c 65 63 74 6f 72 27 2c 27 43 65 72 74 69 66 69 63 61 74 65 2e 54 42 53 43 65 72 74 69 66 69 63 61 74 65 2e 73 69 67 6e 61 74 75 72 65 2e 70 61 72 61 6d 65 74 65 72 73 27 2c 27 70 61 72 61 6d 65 74 65 72 73 27 2c 27 6d 6f 64 65 73 27 2c 27 31 34 39 36 69 6b 6e 6e 65 56 27 2c 27 4d 79 72 69 61 64 5c 78 32 30 48 65 62 72 65 77 27 2c 27 53 69 67 6e 65 72 49 6e 66 6f 2e 64 69 67 65 73 74 41 6c 67 6f 72 69 74 68 6d 2e 61 6c 67 6f 72 69 74 68 6d 27 2c 27 63 6f 6c 6f 72 3a 5c 78 32 30 79 65 6c 6c 6f 77 27 2c 27 66 6c 61 73 68 27 2c 27 6d 65 73 73 61 67 65 4c 65 6e 67 74 68 36 34 27 2c 27 73 68 61 31 27 2c 27 73 69 67 6e 65 72 49 6e 66 6f 73 27 2c 27 32 2e 35 2e 32 39 2e 32 30 27 2c 27 54 4c 53 5f 31 5f 30 Data Ascii: ElementTelemetryCollector','Certificate.TBSCertificate.signature.parameters','parameters','modes','1496iknneV','Myriad\x20Hebrew','SignerInfo.digestAlgorithm.algorithm','color:\x20yellow','flash','messageLength64','sha1','signerInfos','2.5.29.20','TLS_1_0
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 27 2c 27 6a 73 6f 6e 27 2c 27 67 65 73 27 2c 27 32 2e 35 2e 32 39 2e 33 27 2c 27 62 65 67 69 6e 50 61 74 68 27 2c 27 52 53 41 5c 78 32 30 50 55 42 4c 49 43 5c 78 32 30 4b 45 59 27 2c 27 74 61 6e 27 2c 27 4c 61 78 27 2c 27 45 78 74 65 6e 73 69 6f 6e 5c 78 32 30 76 61 6c 75 65 5c 78 32 30 6e 6f 74 5c 78 32 30 73 70 65 63 69 66 69 65 64 2e 27 2c 27 43 41 4e 56 41 53 5f 48 45 49 47 48 54 27 2c 27 43 6f 6e 74 65 6e 74 49 6e 66 6f 2e 63 6f 6e 74 65 6e 74 27 2c 27 62 72 6f 77 73 65 72 27 2c 27 5f 5f 65 78 70 6f 72 74 53 74 61 72 27 2c 27 70 75 74 49 6e 74 33 32 4c 65 27 2c 27 68 61 6e 64 6c 65 48 65 61 72 74 62 65 61 74 27 2c 27 72 65 61 64 79 27 2c 27 63 6f 6e 74 65 78 74 27 2c 27 32 32 34 39 6f 6a 48 54 50 61 27 2c 27 50 46 58 2e 6d 61 63 44 61 74 61 2e 6d 61 Data Ascii: ','json','ges','2.5.29.3','beginPath','RSA\x20PUBLIC\x20KEY','tan','Lax','Extension\x20value\x20not\x20specified.','CANVAS_HEIGHT','ContentInfo.content','browser','__exportStar','putInt32Le','handleHeartbeat','ready','context','2249ojHTPa','PFX.macData.ma
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 45 6e 63 72 79 70 74 69 6f 6e 41 6c 67 6f 72 69 74 68 6d 2e 70 61 72 61 6d 65 74 65 72 27 2c 27 74 62 73 43 65 72 74 69 66 69 63 61 74 65 27 2c 27 62 61 73 65 35 38 27 2c 27 45 73 74 72 61 6e 67 65 6c 6f 5c 78 32 30 45 64 65 73 73 61 27 2c 27 52 53 41 50 75 62 6c 69 63 4b 65 79 27 2c 27 53 68 6f 6e 61 72 5c 78 32 30 42 61 6e 67 6c 61 27 2c 27 63 65 72 74 53 69 67 6e 61 74 75 72 65 4f 69 64 27 2c 27 6d 6f 75 73 65 6d 6f 76 65 27 2c 27 67 65 74 46 6c 6f 61 74 46 72 65 71 75 65 6e 63 79 44 61 74 61 27 2c 27 32 2e 35 2e 32 39 2e 31 32 27 2c 27 54 72 61 6a 61 6e 5c 78 32 30 50 72 6f 27 2c 27 57 45 42 44 52 49 56 45 52 5f 57 49 4e 44 4f 57 5f 50 52 4f 50 45 52 54 49 45 53 27 2c 27 33 31 30 72 61 79 50 42 7a 27 2c 27 44 45 53 2d 45 43 42 27 2c 27 64 69 73 63 6f Data Ascii: EncryptionAlgorithm.parameter','tbsCertificate','base58','Estrangelo\x20Edessa','RSAPublicKey','Shonar\x20Bangla','certSignatureOid','mousemove','getFloatFrequencyData','2.5.29.12','Trajan\x20Pro','WEBDRIVER_WINDOW_PROPERTIES','310rayPBz','DES-ECB','disco
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 64 5c 78 32 30 50 4b 43 53 5c 78 32 30 23 31 32 5c 78 32 30 50 42 45 5c 78 32 30 64 61 74 61 5c 78 32 30 62 6c 6f 63 6b 2e 5c 78 32 30 55 6e 73 75 70 70 6f 72 74 65 64 5c 78 32 30 4f 49 44 2e 27 2c 27 63 72 65 61 74 65 43 65 72 74 69 66 69 63 61 74 69 6f 6e 52 65 71 75 65 73 74 27 2c 27 43 6f 72 62 65 6c 27 2c 27 42 6f 64 6f 6e 69 5c 78 32 30 4d 54 5c 78 32 30 42 6c 61 63 6b 27 2c 27 49 6e 73 74 61 6e 74 43 6f 6c 6c 65 63 74 6f 72 27 2c 27 52 45 41 4c 27 2c 27 63 6f 6e 74 61 69 6e 73 50 72 6f 70 65 72 74 69 65 73 27 2c 27 5f 63 6f 6e 73 74 72 75 63 74 65 64 53 74 72 69 6e 67 4c 65 6e 67 74 68 27 2c 27 33 32 74 58 59 49 59 69 27 2c 27 66 69 6c 6c 57 69 74 68 42 79 74 65 27 2c 27 67 65 74 55 54 43 4d 69 6e 75 74 65 73 27 2c 27 43 65 6e 74 75 72 79 5c 78 32 Data Ascii: d\x20PKCS\x20#12\x20PBE\x20data\x20block.\x20Unsupported\x20OID.','createCertificationRequest','Corbel','Bodoni\x20MT\x20Black','InstantCollector','REAL','containsProperties','_constructedStringLength','32tXYIYi','fillWithByte','getUTCMinutes','Century\x2
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 38 62 28 30 78 39 62 37 29 2c 5f 30 78 35 30 66 61 64 32 29 3b 7d 66 75 6e 63 74 69 6f 6e 20 5f 30 78 66 61 65 65 38 63 28 5f 30 78 33 36 38 62 62 31 29 7b 76 61 72 20 5f 30 78 31 34 37 38 62 65 3d 5f 30 78 63 37 34 35 35 65 3b 5f 30 78 61 36 62 61 61 61 28 5f 30 78 31 34 37 38 62 65 28 30 78 36 35 30 29 2c 5f 30 78 33 36 38 62 62 31 29 3b 7d 66 75 6e 63 74 69 6f 6e 20 5f 30 78 34 64 63 64 34 35 28 5f 30 78 32 62 63 39 64 39 2c 5f 30 78 31 64 30 39 37 62 29 7b 76 61 72 20 5f 30 78 31 36 64 34 32 36 3d 5f 30 78 63 37 34 35 35 65 3b 5f 30 78 32 62 63 39 64 39 28 5f 30 78 31 64 30 39 37 62 29 2c 5f 30 78 35 64 33 62 61 38 5b 5f 30 78 31 36 64 34 32 36 28 30 78 36 36 64 29 5d 28 29 2c 5f 30 78 35 64 33 62 61 38 5b 27 6c 65 6e 67 74 68 27 5d 26 26 5f 30 78 61 Data Ascii: 8b(0x9b7),_0x50fad2);}function _0xfaee8c(_0x368bb1){var _0x1478be=_0xc7455e;_0xa6baaa(_0x1478be(0x650),_0x368bb1);}function _0x4dcd45(_0x2bc9d9,_0x1d097b){var _0x16d426=_0xc7455e;_0x2bc9d9(_0x1d097b),_0x5d3ba8[_0x16d426(0x66d)](),_0x5d3ba8['length']&&_0xa
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 20 5f 30 78 34 36 38 35 63 62 3d 5b 27 64 61 74 61 27 2c 27 6b 65 79 50 72 65 73 73 65 73 27 5d 3b 72 65 74 75 72 6e 20 5f 30 78 32 63 66 33 66 65 5b 5f 30 78 34 36 38 35 63 62 5b 30 78 30 5d 5d 5b 5f 30 78 34 36 38 35 63 62 5b 30 78 31 5d 5d 2b 2b 3b 7d 29 2c 5f 30 78 37 36 31 36 30 37 5b 5f 30 78 34 38 36 65 32 65 5b 30 78 64 5d 5d 28 5f 30 78 34 38 36 65 32 65 5b 30 78 38 5d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 5f 30 78 32 63 64 33 62 64 3d 5f 30 78 31 34 66 39 32 33 2c 5f 30 78 33 36 62 33 32 63 3d 5b 5f 30 78 32 63 64 33 62 64 28 30 78 38 31 63 29 2c 30 78 33 33 37 30 2c 5f 30 78 32 63 64 33 62 64 28 30 78 62 35 64 29 2c 27 63 6f 6c 6c 65 63 74 6f 72 45 78 65 63 75 74 65 27 2c 27 64 61 74 61 45 78 65 63 75 74 65 27 5d 3b 72 65 74 75 72 6e Data Ascii: _0x4685cb=['data','keyPresses'];return _0x2cf3fe[_0x4685cb[0x0]][_0x4685cb[0x1]]++;}),_0x761607[_0x486e2e[0xd]](_0x486e2e[0x8],function(){var _0x2cd3bd=_0x14f923,_0x36b32c=[_0x2cd3bd(0x81c),0x3370,_0x2cd3bd(0xb5d),'collectorExecute','dataExecute'];return
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 29 2c 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 33 5d 2c 28 5f 30 78 31 64 37 33 37 3d 7b 7d 2c 5f 30 78 31 64 37 33 37 5b 74 68 69 73 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 31 5d 5d 5d 3d 28 30 78 30 2c 5f 30 78 34 34 31 31 64 66 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 39 5d 5d 29 28 28 30 78 30 2c 5f 30 78 34 34 31 31 64 66 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 39 5d 5d 29 28 7b 7d 2c 5f 30 78 32 32 61 39 39 63 29 2c 7b 27 6b 65 79 43 79 63 6c 65 73 27 3a 74 68 69 73 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 32 5d 5d 28 5f 30 78 32 32 61 39 39 63 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 30 5d 5d 29 2c 27 6d 6f 75 73 65 43 79 63 6c 65 73 27 3a 74 68 69 73 5b 5f 30 78 33 66 36 61 38 62 5b 30 78 32 5d 5d 28 5f 30 78 32 32 61 39 39 63 5b 5f 30 78 33 66 36 61 38 62 Data Ascii: ),[_0x3f6a8b[0x3],(_0x1d737={},_0x1d737[this[_0x3f6a8b[0x1]]]=(0x0,_0x4411df[_0x3f6a8b[0x9]])((0x0,_0x4411df[_0x3f6a8b[0x9]])({},_0x22a99c),{'keyCycles':this[_0x3f6a8b[0x2]](_0x22a99c[_0x3f6a8b[0x0]]),'mouseCycles':this[_0x3f6a8b[0x2]](_0x22a99c[_0x3f6a8b
2024-10-14 03:48:15 UTC	13491	IN	Data Raw: 78 65 30 36 31 65 61 3d 74 68 69 73 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 33 5d 5d 28 29 29 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 38 5d 5d 28 7b 27 74 69 6d 65 27 3a 6e 65 77 20 44 61 74 65 28 29 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 30 5d 5d 28 29 2c 27 69 74 65 6d 27 3a 5f 30 78 34 61 30 30 63 31 7d 29 2c 28 5f 30 78 35 38 62 31 34 39 3d 4a 53 4f 4e 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 34 5d 5d 28 5f 30 78 65 30 36 31 65 61 29 29 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 31 5d 5d 3e 5f 30 78 32 37 33 66 33 32 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 32 5d 5d 7c 7c 74 68 69 73 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 39 5d 5d 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 37 5d 5d 28 5f 30 78 32 37 33 66 33 32 5b 5f 30 78 33 32 38 37 38 62 5b 30 78 36 5d 5d 2c 5f Data Ascii: xe061ea=this[_0x32878b[0x3]]())[_0x32878b[0x8]]({'time':new Date()[_0x32878b[0x0]](),'item':_0x4a00c1}),(_0x58b149=JSON[_0x32878b[0x4]](_0xe061ea))[_0x32878b[0x1..._0x273f32[_0x32878b[0x2]]\|\|this[_0x32878b[0x9]][_0x32878b[0x7]](_0x273f32[_0x32878b[0x6]],_
2024-10-14 03:48:15 UTC	16384	IN	Data Raw: 35 39 3d 5f 30 78 32 64 32 31 63 39 2c 5f 30 78 31 31 32 33 37 66 3d 5b 5f 30 78 65 30 65 32 35 39 28 30 78 63 30 34 29 2c 5f 30 78 65 30 65 32 35 39 28 30 78 62 65 34 29 5d 3b 72 65 74 75 72 6e 20 5f 30 78 35 34 61 37 34 38 5b 5f 30 78 31 31 32 33 37 66 5b 30 78 30 5d 5d 3d 6e 65 77 20 44 61 74 65 28 29 5b 5f 30 78 31 31 32 33 37 66 5b 30 78 31 5d 5d 28 29 3b 7d 29 3b 7d 2c 5f 30 78 31 38 38 66 64 35 5b 5f 30 78 36 36 30 36 62 34 5b 30 78 36 5d 5d 5b 5f 30 78 36 36 30 36 62 34 5b 30 78 31 5d 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 5f 30 78 34 35 63 38 35 30 3d 5f 30 78 32 39 30 63 33 32 2c 5f 30 78 33 63 38 34 66 32 3d 5b 30 78 30 2c 5f 30 78 34 35 63 38 35 30 28 30 78 34 35 38 29 5d 3b 72 65 74 75 72 6e 28 30 78 30 2c 5f 30 78 34 39 35 39 64 Data Ascii: 59=_0x2d21c9,_0x11237f=[_0xe0e259(0xc04),_0xe0e259(0xbe4)];return _0x54a748[_0x11237f[0x0]]=new Date()[_0x11237f[0x1]]();});},_0x188fd5[_0x6606b4[0x6]][_0x6606b4[0x1]]=function(){var _0x45c850=_0x290c32,_0x3c84f2=[0x0,_0x45c850(0x458)];return(0x0,_0x4959d

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:15 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-14 03:48:16 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF70) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=133039 Date: Mon, 14 Oct 2024 03:48:16 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:16 UTC	410	OUT	GET /0093b71e39a6/478ed03bbf12/challenge.js HTTP/1.1 Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:17 UTC	596	IN	HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 1096693 Connection: close Vary: Accept-Encoding Date: Mon, 14 Oct 2024 03:48:17 GMT cache-control: private, max-age=86400, stale-while-revalidate=604800 last-modified: Mon, 14 Oct 2024 03:48:17 +0000 pragma: no-cache expires: 0 x-amzn-waf-challenge-id: Root=1-670c9481-228f46d36f00ca5d372f152b X-Cache: Miss from cloudfront Via: 1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: bhGc_ymEx0I6nw0AqvtXsvUTNVypWII2xj8CGbcbgZQdUm6bpvkppQ==
2024-10-14 03:48:17 UTC	15788	IN	Data Raw: 76 61 72 20 61 30 5f 30 78 32 66 38 37 3d 5b 27 6e 6f 6e 52 65 70 75 64 69 61 74 69 6f 6e 27 2c 27 50 55 42 4c 49 43 5c 78 32 30 4b 45 59 27 2c 27 6b 65 79 27 2c 27 65 6e 63 72 79 70 74 69 6f 6e 50 61 72 61 6d 73 27 2c 27 31 56 68 4f 52 54 4b 27 2c 27 32 34 38 37 32 69 63 63 59 6e 71 27 2c 27 43 6f 6d 6d 65 6e 74 3a 5c 78 32 30 27 2c 27 74 6f 74 61 6c 46 6f 63 75 73 54 69 6d 65 27 2c 27 63 6c 6f 73 65 5f 6e 6f 74 69 66 79 27 2c 27 63 72 63 43 61 6c 63 75 6c 61 74 6f 72 27 2c 27 67 65 74 43 69 70 68 65 72 53 75 69 74 65 27 2c 27 44 6f 4e 6f 74 54 72 61 63 6b 43 6f 6c 6c 65 63 74 6f 72 27 2c 27 66 69 72 73 74 43 68 69 6c 64 27 2c 27 43 6f 75 6c 64 5c 78 32 30 6e 6f 74 5c 78 32 30 61 64 64 5c 78 32 30 50 4b 43 53 23 37 5c 78 32 30 73 69 67 6e 65 72 3b 5c 78 Data Ascii: var a0_0x2f87=['nonRepudiation','PUBLIC\x20KEY','key','encryptionParams','1VhORTK','24872iccYnq','Comment:\x20','totalFocusTime','close_notify','crcCalculator','getCipherSuite','DoNotTrackCollector','firstChild','Could\x20not\x20add\x20PKCS#7\x20signer;\x
2024-10-14 03:48:17 UTC	245	IN	Data Raw: 45 6c 65 6d 65 6e 74 54 65 6c 65 6d 65 74 72 79 43 6f 6c 6c 65 63 74 6f 72 27 2c 27 43 65 72 74 69 66 69 63 61 74 65 2e 54 42 53 43 65 72 74 69 66 69 63 61 74 65 2e 73 69 67 6e 61 74 75 72 65 2e 70 61 72 61 6d 65 74 65 72 73 27 2c 27 70 61 72 61 6d 65 74 65 72 73 27 2c 27 6d 6f 64 65 73 27 2c 27 31 34 39 36 69 6b 6e 6e 65 56 27 2c 27 4d 79 72 69 61 64 5c 78 32 30 48 65 62 72 65 77 27 2c 27 53 69 67 6e 65 72 49 6e 66 6f 2e 64 69 67 65 73 74 41 6c 67 6f 72 69 74 68 6d 2e 61 6c 67 6f 72 69 74 68 6d 27 2c 27 63 6f 6c 6f 72 3a 5c 78 32 30 79 65 6c 6c 6f 77 27 2c 27 66 6c 61 73 68 27 2c 27 6d 65 73 73 61 67 65 4c 65 6e 67 74 68 36 34 27 2c 27 73 68 61 31 27 2c 27 73 69 67 6e 65 72 49 6e 66 6f 73 27 2c 27 32 2e 35 2e 32 39 2e 32 30 Data Ascii: ElementTelemetryCollector','Certificate.TBSCertificate.signature.parameters','parameters','modes','1496iknneV','Myriad\x20Hebrew','SignerInfo.digestAlgorithm.algorithm','color:\x20yellow','flash','messageLength64','sha1','signerInfos','2.5.29.20
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 27 2c 27 54 4c 53 5f 31 5f 30 27 2c 27 63 6c 6f 73 65 27 2c 27 4d 6f 6e 6f 73 70 61 63 38 32 31 5c 78 32 30 42 54 27 2c 27 70 75 62 6c 69 63 4b 65 79 4d 6f 64 75 6c 75 73 27 2c 27 73 65 74 49 6e 74 38 27 2c 27 25 63 5c 78 32 30 75 73 69 6e 67 5c 78 32 30 6d 61 74 63 68 65 64 44 6f 6d 61 69 6e 3a 5c 78 32 30 27 2c 27 67 65 74 27 2c 27 49 45 45 45 5f 50 4f 4c 59 4e 4f 4d 49 41 4c 27 2c 27 50 48 41 4e 54 4f 4d 5f 57 49 4e 44 4f 57 5f 50 52 4f 50 45 52 54 49 45 53 27 2c 27 63 69 70 68 65 72 5f 73 75 69 74 65 27 2c 27 73 75 62 6d 69 74 27 2c 27 49 6e 76 61 6c 69 64 5c 78 32 30 43 65 72 74 69 66 69 63 61 74 65 52 65 71 75 65 73 74 2e 5c 78 32 30 4d 65 73 73 61 67 65 5c 78 32 30 74 6f 6f 5c 78 32 30 73 68 6f 72 74 2e 27 2c 27 43 65 72 74 69 66 69 63 61 74 65 2e Data Ascii: ','TLS_1_0','close','Monospac821\x20BT','publicKeyModulus','setInt8','%c\x20using\x20matchedDomain:\x20','get','IEEE_POLYNOMIAL','PHANTOM_WINDOW_PROPERTIES','cipher_suite','submit','Invalid\x20CertificateRequest.\x20Message\x20too\x20short.','Certificate.
2024-10-14 03:48:17 UTC	3052	IN	Data Raw: 43 6f 6e 74 65 6e 74 27 2c 27 64 65 74 65 63 74 49 66 72 61 6d 65 45 76 61 73 69 6f 6e 27 2c 27 31 2e 32 2e 38 34 30 2e 31 31 33 35 34 39 2e 31 2e 37 2e 36 27 2c 27 78 2d 71 73 61 27 2c 27 64 65 74 65 63 74 27 2c 27 72 61 77 48 6f 73 74 6e 61 6d 65 27 2c 27 65 6c 65 6d 65 6e 74 73 27 2c 27 34 32 39 35 39 71 69 47 6b 5a 63 27 2c 27 47 6f 74 68 69 63 47 27 2c 27 73 69 67 6e 65 64 41 6e 64 45 6e 76 65 6c 6f 70 65 64 44 61 74 61 27 2c 27 63 6f 6e 6e 65 63 74 65 64 27 2c 27 77 68 69 63 68 27 2c 27 73 68 61 32 32 34 27 2c 27 43 42 43 27 2c 27 50 46 58 2e 6d 61 63 44 61 74 61 2e 6d 61 63 2e 64 69 67 65 73 74 41 6c 67 6f 72 69 74 68 6d 27 2c 27 44 4f 4d 5c 78 32 30 66 75 6c 6c 79 5c 78 32 30 6c 6f 61 64 65 64 5c 78 32 30 61 6e 64 5c 78 32 30 70 61 72 73 65 64 2e Data Ascii: Content','detectIframeEvasion','1.2.840.113549.1.7.6','x-qsa','detect','rawHostname','elements','42959qiGkZc','GothicG','signedAndEnvelopedData','connected','which','sha224','CBC','PFX.macData.mac.digestAlgorithm','DOM\x20fully\x20loaded\x20and\x20parsed.
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 6b 65 79 27 2c 27 49 6c 6c 65 67 61 6c 5c 78 32 30 70 61 72 61 6d 65 74 65 72 2e 27 2c 27 73 63 72 65 65 6e 49 6e 66 6f 27 2c 27 73 65 74 55 54 43 48 6f 75 72 73 27 2c 27 32 2e 35 2e 34 2e 39 27 2c 27 6b 65 6d 27 2c 27 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 27 2c 27 69 73 43 6f 6e 6e 65 63 74 65 64 27 2c 27 36 36 39 38 35 4b 6a 6a 56 53 49 27 2c 27 65 6e 63 6f 64 65 36 34 27 2c 27 55 6e 73 75 70 70 6f 72 74 65 64 5c 78 32 30 4d 47 46 5c 78 32 30 68 61 73 68 5c 78 32 30 66 75 6e 63 74 69 6f 6e 2e 27 2c 27 64 6f 4e 6f 74 54 72 61 63 6b 27 2c 27 70 75 74 49 6e 74 27 2c 27 6f 70 74 69 6f 6e 61 6c 27 2c 27 43 61 6e 76 61 73 27 2c 27 64 6f 6d 41 75 74 6f 6d 61 74 69 6f 6e 27 2c 27 63 73 73 54 65 78 74 27 2c 27 54 78 74 27 2c 27 64 69 67 65 73 74 41 6c 67 Data Ascii: key','Illegal\x20parameter.','screenInfo','setUTCHours','2.5.4.9','kem','documentElement','isConnected','66985KjjVSI','encode64','Unsupported\x20MGF\x20hash\x20function.','doNotTrack','putInt','optional','Canvas','domAutomation','cssText','Txt','digestAlg
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 27 2c 27 43 6f 75 72 69 65 72 5c 78 32 30 4e 65 77 5c 78 32 30 43 45 27 2c 27 6f 62 66 75 73 63 61 74 65 27 2c 27 70 72 69 76 61 74 65 4b 65 79 46 72 6f 6d 50 65 6d 27 2c 27 47 75 6c 69 6d 43 68 65 27 2c 27 42 55 46 46 45 52 5f 4b 45 59 27 2c 27 65 78 74 65 6e 73 69 6f 6e 52 65 71 75 65 73 74 27 2c 27 4d 79 72 69 61 64 5c 78 32 30 41 72 61 62 69 63 27 2c 27 6f 72 67 27 2c 27 54 69 6d 65 54 6f 53 75 62 6d 69 74 43 6f 6c 6c 65 63 74 6f 72 27 2c 27 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e 33 31 31 2e 36 30 2e 32 2e 31 2e 32 27 2c 27 6c 6f 67 4d 65 73 73 61 67 65 27 2c 27 63 6c 65 61 72 4f 6e 46 75 6c 6c 42 75 66 66 65 72 27 2c 27 73 65 72 76 65 72 5f 77 72 69 74 65 5f 6b 65 79 27 2c 27 63 65 72 74 69 66 69 63 61 74 65 5f 72 65 76 6f 6b 65 64 27 2c 27 67 65 6e 65 Data Ascii: ','Courier\x20New\x20CE','obfuscate','privateKeyFromPem','GulimChe','BUFFER_KEY','extensionRequest','Myriad\x20Arabic','org','TimeToSubmitCollector','1.3.6.1.4.1.311.60.2.1.2','logMessage','clearOnFullBuffer','server_write_key','certificate_revoked','gene
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 63 74 69 6f 6e 28 5f 30 78 35 32 64 36 37 61 2c 5f 30 78 33 62 37 35 66 61 29 7b 76 61 72 20 5f 30 78 31 32 65 34 33 34 3d 61 30 5f 30 78 34 33 34 64 3b 66 75 6e 63 74 69 6f 6e 20 5f 30 78 31 33 35 38 30 33 28 5f 30 78 36 31 37 65 65 35 29 7b 74 72 79 7b 5f 30 78 61 38 30 38 61 64 28 5f 30 78 33 38 35 33 33 38 5b 27 6e 65 78 74 27 5d 28 5f 30 78 36 31 37 65 65 35 29 29 3b 7d 63 61 74 63 68 28 5f 30 78 33 30 66 34 33 35 29 7b 5f 30 78 33 62 37 35 66 61 28 5f 30 78 33 30 66 34 33 35 29 3b 7d 7d 66 75 6e 63 74 69 6f 6e 20 5f 30 78 33 65 61 30 39 65 28 5f 30 78 33 37 30 31 61 35 29 7b 74 72 79 7b 5f 30 78 61 38 30 38 61 64 28 5f 30 78 33 38 35 33 33 38 5b 27 74 68 72 6f 77 27 5d 28 5f 30 78 33 37 30 31 61 35 29 29 3b 7d 63 61 74 63 68 28 5f 30 78 31 30 39 36 Data Ascii: ction(_0x52d67a,_0x3b75fa){var _0x12e434=a0_0x434d;function _0x135803(_0x617ee5){try{_0xa808ad(_0x385338['next'](_0x617ee5));}catch(_0x30f435){_0x3b75fa(_0x30f435);}}function _0x3ea09e(_0x3701a5){try{_0xa808ad(_0x385338['throw'](_0x3701a5));}catch(_0x1096
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 64 31 37 39 5b 30 78 38 5d 5d 3d 5f 30 78 32 61 37 38 65 66 2c 74 68 69 73 5b 5f 30 78 33 66 64 31 37 39 5b 30 78 62 5d 5d 28 29 3b 7d 72 65 74 75 72 6e 20 5f 30 78 31 31 34 61 38 35 5b 5f 30 78 33 66 64 31 37 39 5b 30 78 61 5d 5d 5b 5f 30 78 33 66 64 31 37 39 5b 30 78 62 5d 5d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 5f 30 78 34 64 33 62 35 32 3d 5f 30 78 31 65 63 30 30 33 2c 5f 30 78 31 33 63 32 31 61 3d 5b 5f 30 78 34 64 33 62 35 32 28 30 78 37 66 36 29 2c 27 65 76 65 6e 74 43 79 63 6c 65 73 27 2c 5f 30 78 34 64 33 62 35 32 28 30 78 38 62 38 29 2c 5f 30 78 34 64 33 62 35 32 28 30 78 62 63 61 29 2c 5f 30 78 34 64 33 62 35 32 28 30 78 63 38 61 29 2c 5f 30 78 34 64 33 62 35 32 28 30 78 62 34 62 29 5d 2c 5f 30 78 32 32 63 34 38 66 3d 74 68 69 73 2c Data Ascii: d179[0x8]]=_0x2a78ef,this[_0x3fd179[0xb]]();}return _0x114a85[_0x3fd179[0xa]][_0x3fd179[0xb]]=function(){var _0x4d3b52=_0x1ec003,_0x13c21a=[_0x4d3b52(0x7f6),'eventCycles',_0x4d3b52(0x8b8),_0x4d3b52(0xbca),_0x4d3b52(0xc8a),_0x4d3b52(0xb4b)],_0x22c48f=this,
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 65 3d 5f 30 78 31 32 65 31 30 31 2c 5f 30 78 62 31 32 32 36 61 3d 5b 5f 30 78 32 39 39 31 31 65 28 30 78 38 36 35 29 2c 5f 30 78 32 39 39 31 31 65 28 30 78 31 36 61 29 2c 27 2c 27 2c 5f 30 78 32 39 39 31 31 65 28 30 78 62 64 61 29 2c 5f 30 78 32 39 39 31 31 65 28 30 78 34 39 30 29 2c 5f 30 78 32 39 39 31 31 65 28 30 78 39 61 37 29 2c 27 74 79 70 65 27 2c 5f 30 78 32 39 39 31 31 65 28 30 78 31 35 35 29 2c 5f 30 78 32 39 39 31 31 65 28 30 78 32 31 38 29 2c 27 6b 65 79 57 61 73 50 72 65 73 73 65 64 27 2c 5f 30 78 32 39 39 31 31 65 28 30 78 62 62 35 29 2c 5f 30 78 32 39 39 31 31 65 28 30 78 63 34 34 29 2c 27 67 65 74 54 69 6d 65 27 2c 5f 30 78 32 39 39 31 31 65 28 30 78 62 30 39 29 2c 27 75 74 66 38 45 6e 63 6f 64 65 72 27 2c 5f 30 78 32 39 39 31 31 65 28 30 Data Ascii: e=_0x12e101,_0xb1226a=[_0x29911e(0x865),_0x29911e(0x16a),',',_0x29911e(0xbda),_0x29911e(0x490),_0x29911e(0x9a7),'type',_0x29911e(0x155),_0x29911e(0x218),'keyWasPressed',_0x29911e(0xbb5),_0x29911e(0xc44),'getTime',_0x29911e(0xb09),'utf8Encoder',_0x29911e(0
2024-10-14 03:48:17 UTC	16384	IN	Data Raw: 39 31 37 32 31 64 28 30 78 39 37 64 29 2c 5f 30 78 39 31 37 32 31 64 28 30 78 39 32 33 29 2c 5f 30 78 39 31 37 32 31 64 28 30 78 36 66 36 29 2c 5f 30 78 39 31 37 32 31 64 28 30 78 62 39 38 29 2c 5f 30 78 39 31 37 32 31 64 28 30 78 31 33 30 29 2c 5f 30 78 39 31 37 32 31 64 28 30 78 35 34 35 29 2c 27 6d 6d 27 2c 5f 30 78 39 31 37 32 31 64 28 30 78 36 64 65 29 2c 27 76 27 2c 27 62 69 6e 64 4d 6f 75 73 65 53 63 72 6f 6c 6c 48 61 6e 64 6c 65 72 27 2c 5f 30 78 39 31 37 32 31 64 28 30 78 39 64 39 29 2c 27 65 76 65 6e 74 73 27 2c 5f 30 78 39 31 37 32 31 64 28 30 78 39 64 36 29 2c 30 78 36 34 2c 27 64 65 66 61 75 6c 74 27 2c 30 78 30 2c 30 2e 36 31 39 32 38 30 31 32 32 37 36 37 39 37 33 36 2c 27 5c 78 32 30 27 2c 5f 30 78 39 31 37 32 31 64 28 30 78 39 62 64 29 2c Data Ascii: 91721d(0x97d),_0x91721d(0x923),_0x91721d(0x6f6),_0x91721d(0xb98),_0x91721d(0x130),_0x91721d(0x545),'mm',_0x91721d(0x6de),'v','bindMouseScrollHandler',_0x91721d(0x9d9),'events',_0x91721d(0x9d6),0x64,'default',0x0,0.6192801227679736,'\x20',_0x91721d(0x9bd),

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:16 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-10-14 03:48:17 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=132979 Date: Mon, 14 Oct 2024 03:48:17 GMT Content-Length: 55 Connection: close X-CID: 2
2024-10-14 03:48:17 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:18 UTC	1251	OUT	GET /bundles/index.563cd3fc21b70465916a.js HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
2024-10-14 03:48:18 UTC	1432	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:18 GMT Content-Type: application/javascript Content-Length: 4673944 Connection: close Set-Cookie: AWSALBTG=psOa612f3ohsA6WCHkxCFH+KRy/gVniL1ck07nxfbCw44Gb8oQQ1hGVDNhzGf2E/ggtctad7XcsCbQ2508tKTWr3idoNvVPXEmqe7dLciaj2pLdIqwb5NEiwNVRf2UZGNvbLZ8eH9GjF8s3S4jEjuG7POl4SSGVd4lEB5nMjE/a9; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBTGCORS=psOa612f3ohsA6WCHkxCFH+KRy/gVniL1ck07nxfbCw44Gb8oQQ1hGVDNhzGf2E/ggtctad7XcsCbQ2508tKTWr3idoNvVPXEmqe7dLciaj2pLdIqwb5NEiwNVRf2UZGNvbLZ8eH9GjF8s3S4jEjuG7POl4SSGVd4lEB5nMjE/a9; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=JZsnP5rQELegEW6QhmZN1RZjd8znFDRhxEsaTPalx7k7Mp8APeJb0Z2ZOXYLYjWetSZDUIuatSFlNQSPvIXVDi8lXlD9vwzGgEpEiz/f394KYbQJAkvdDQ8cSQYw; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBCORS=JZsnP5rQELegEW6QhmZN1RZjd8znFDRhxEsaTPalx7k7Mp8APeJb0Z2ZOXYLYjWetSZDUIuatSFlNQSPvIXVDi8lXlD9vwzGgEpEiz/f394KYbQJAkvdDQ8cSQYw; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773acb7698" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:18 UTC	14952	IN	Data Raw: 2f 2a 21 20 46 6f 72 20 6c 69 63 65 6e 73 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 70 6c 65 61 73 65 20 73 65 65 20 69 6e 64 65 78 2e 35 36 33 63 64 33 66 63 32 31 62 37 30 34 36 35 39 31 36 61 2e 6a 73 2e 4c 49 43 45 4e 53 45 2e 74 78 74 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 2c 74 2c 6e 2c 72 2c 6f 3d 7b 36 31 32 34 32 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 6e 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 69 4e 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 78 7d 2c 52 5f 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 79 7d 2c 45 56 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 45 7d 2c 65 7a 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 62 7d 7d 29 3b 76 61 72 20 Data Ascii: /! For license information please see index.563cd3fc21b70465916a.js.LICENSE.txt /!function(){var e,t,n,r,o={61242:function(e,t,n){"use strict";n.d(t,{iN:function(){return x},R_:function(){return y},EV:function(){return E},ez:function(){return b}});var
2024-10-14 03:48:18 UTC	1432	IN	Data Raw: 65 2c 45 2c 45 2c 30 2c 30 2c 6f 2c 6c 2c 62 2c 6f 2c 77 3d 5b 5d 2c 64 2c 53 29 2c 53 29 2c 6f 2c 53 2c 64 2c 6c 2c 72 3f 77 3a 53 29 3b 62 72 65 61 6b 3b 64 65 66 61 75 6c 74 3a 42 65 28 78 2c 45 2c 45 2c 45 2c 5b 22 22 5d 2c 53 2c 30 2c 6c 2c 53 29 7d 7d 73 3d 75 3d 70 3d 30 2c 68 3d 67 3d 31 2c 62 3d 78 3d 22 22 2c 64 3d 61 3b 62 72 65 61 6b 3b 63 61 73 65 20 35 38 3a 64 3d 31 2b 76 65 28 78 29 2c 70 3d 6d 3b 64 65 66 61 75 6c 74 3a 69 66 28 68 3c 31 29 69 66 28 31 32 33 3d 3d 79 29 2d 2d 68 3b 65 6c 73 65 20 69 66 28 31 32 35 3d 3d 79 26 26 30 3d 3d 68 2b 2b 26 26 31 32 35 3d 3d 4f 65 28 29 29 63 6f 6e 74 69 6e 75 65 3b 73 77 69 74 63 68 28 78 2b 3d 75 65 28 79 29 2c 79 2a 68 29 7b 63 61 73 65 20 33 38 3a 67 3d 75 3e 30 3f 31 3a 28 78 2b 3d 22 5c 66 Data Ascii: e,E,E,0,0,o,l,b,o,w=[],d,S),S),o,S,d,l,r?w:S);break;default:Be(x,E,E,E,[""],S,0,l,S)}}s=u=p=0,h=g=1,b=x="",d=a;break;case 58:d=1+ve(x),p=m;default:if(h<1)if(123==y)--h;else if(125==y&&0==h++&&125==Oe())continue;switch(x+=ue(y),y*h){case 38:g=u>0?1:(x+="\f
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 5f 6d 75 6c 74 69 5f 76 61 6c 75 65 5f 22 3b 66 75 6e 63 74 69 6f 6e 20 58 65 28 65 29 7b 72 65 74 75 72 6e 20 79 65 28 6a 65 28 65 29 2c 62 65 29 2e 72 65 70 6c 61 63 65 28 2f 5c 7b 25 25 25 5c 3a 5b 5e 3b 5d 3b 7d 2f 67 2c 22 3b 22 29 7d 76 61 72 20 4a 65 3d 66 75 6e 63 74 69 6f 6e 20 65 28 74 29 7b 76 61 72 20 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 7b 7d 2c 72 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3a 7b 72 6f 6f 74 3a 21 30 2c 70 61 72 65 6e 74 53 65 6c 65 63 74 6f 72 73 3a 5b 5d 7d 2c 6c 3d 72 2e Data Ascii: _multi_value_";function Xe(e){return ye(je(e),be).replace(/\{%%%\:[^;];}/g,";")}var Je=function e(t){var n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{},r=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{root:!0,parentSelectors:[]},l=r.
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 2c 69 3d 7b 69 63 6f 6e 3a 7b 74 61 67 3a 22 73 76 67 22 2c 61 74 74 72 73 3a 7b 76 69 65 77 42 6f 78 3a 22 30 20 30 20 31 30 32 34 20 31 30 32 34 22 2c 66 6f 63 75 73 61 62 6c 65 3a 22 66 61 6c 73 65 22 7d 2c 63 68 69 6c 64 72 65 6e 3a 5b 7b 74 61 67 3a 22 70 61 74 68 22 2c 61 74 74 72 73 3a 7b 64 3a 22 4d 39 38 38 20 35 34 38 63 2d 31 39 2e 39 20 30 2d 33 36 2d 31 36 2e 31 2d 33 36 2d 33 36 20 30 2d 35 39 2e 34 2d 31 31 2e 36 2d 31 31 37 2d 33 34 2e 36 2d 31 37 31 2e 33 61 34 34 30 2e 34 35 20 34 34 30 2e 34 35 20 30 20 30 30 2d 39 34 2e 33 2d 31 33 39 2e 39 20 34 33 37 2e 37 31 20 34 33 37 2e 37 31 20 30 20 30 30 2d 31 33 39 2e 39 2d 39 34 2e 33 43 36 32 39 20 38 33 2e 36 20 35 37 31 2e 34 20 37 32 20 35 31 32 20 37 32 63 2d 31 39 2e 39 20 30 2d 33 36 Data Ascii: ,i={icon:{tag:"svg",attrs:{viewBox:"0 0 1024 1024",focusable:"false"},children:[{tag:"path",attrs:{d:"M988 548c-19.9 0-36-16.1-36-36 0-59.4-11.6-117-34.6-171.3a440.45 440.45 0 00-94.3-139.9 437.71 437.71 0 00-139.9-94.3C629 83.6 571.4 72 512 72c-19.9 0-36
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 2e 2e 22 29 2e 63 6f 6e 63 61 74 28 74 68 69 73 2e 5f 63 65 6c 6c 43 6f 75 6e 74 29 29 3b 69 66 28 65 3e 74 68 69 73 2e 5f 6c 61 73 74 4d 65 61 73 75 72 65 64 49 6e 64 65 78 29 66 6f 72 28 76 61 72 20 74 3d 74 68 69 73 2e 67 65 74 53 69 7a 65 41 6e 64 50 6f 73 69 74 69 6f 6e 4f 66 4c 61 73 74 4d 65 61 73 75 72 65 64 43 65 6c 6c 28 29 2c 6e 3d 74 2e 6f 66 66 73 65 74 2b 74 2e 73 69 7a 65 2c 72 3d 74 68 69 73 2e 5f 6c 61 73 74 4d 65 61 73 75 72 65 64 49 6e 64 65 78 2b 31 3b 72 3c 3d 65 3b 72 2b 2b 29 7b 76 61 72 20 6f 3d 74 68 69 73 2e 5f 63 65 6c 6c 53 69 7a 65 47 65 74 74 65 72 28 7b 69 6e 64 65 78 3a 72 7d 29 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 6f 7c 7c 69 73 4e 61 4e 28 6f 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 49 6e 76 61 6c 69 64 20 73 69 7a Data Ascii: ..").concat(this._cellCount));if(e>this._lastMeasuredIndex)for(var t=this.getSizeAndPositionOfLastMeasuredCell(),n=t.offset+t.size,r=this._lastMeasuredIndex+1;r<=e;r++){var o=this._cellSizeGetter({index:r});if(void 0===o\|\|isNaN(o))throw Error("Invalid siz
2024-10-14 03:48:18 UTC	8949	IN	Data Raw: 69 74 69 6f 6e 4d 61 6e 61 67 65 72 2c 70 72 65 76 69 6f 75 73 43 65 6c 6c 73 43 6f 75 6e 74 3a 65 2e 72 6f 77 43 6f 75 6e 74 2c 70 72 65 76 69 6f 75 73 43 65 6c 6c 53 69 7a 65 3a 65 2e 72 6f 77 48 65 69 67 68 74 2c 70 72 65 76 69 6f 75 73 53 63 72 6f 6c 6c 54 6f 41 6c 69 67 6e 6d 65 6e 74 3a 65 2e 73 63 72 6f 6c 6c 54 6f 41 6c 69 67 6e 6d 65 6e 74 2c 70 72 65 76 69 6f 75 73 53 63 72 6f 6c 6c 54 6f 49 6e 64 65 78 3a 65 2e 73 63 72 6f 6c 6c 54 6f 52 6f 77 2c 70 72 65 76 69 6f 75 73 53 69 7a 65 3a 65 2e 68 65 69 67 68 74 2c 73 63 72 6f 6c 6c 4f 66 66 73 65 74 3a 76 2c 73 63 72 6f 6c 6c 54 6f 41 6c 69 67 6e 6d 65 6e 74 3a 73 2c 73 63 72 6f 6c 6c 54 6f 49 6e 64 65 78 3a 64 2c 73 69 7a 65 3a 6c 2c 73 69 7a 65 4a 75 73 74 49 6e 63 72 65 61 73 65 64 46 72 6f 6d Data Ascii: itionManager,previousCellsCount:e.rowCount,previousCellSize:e.rowHeight,previousScrollToAlignment:e.scrollToAlignment,previousScrollToIndex:e.scrollToRow,previousSize:e.height,scrollOffset:v,scrollToAlignment:s,scrollToIndex:d,size:l,sizeJustIncreasedFrom
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 2c 63 6f 6d 70 75 74 65 4d 65 74 61 64 61 74 61 43 61 6c 6c 62 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 2e 63 6f 6c 75 6d 6e 53 69 7a 65 41 6e 64 50 6f 73 69 74 69 6f 6e 4d 61 6e 61 67 65 72 2e 72 65 73 65 74 43 65 6c 6c 28 30 29 7d 2c 63 6f 6d 70 75 74 65 4d 65 74 61 64 61 74 61 43 61 6c 6c 62 61 63 6b 50 72 6f 70 73 3a 65 2c 6e 65 78 74 43 65 6c 6c 73 43 6f 75 6e 74 3a 65 2e 63 6f 6c 75 6d 6e 43 6f 75 6e 74 2c 6e 65 78 74 43 65 6c 6c 53 69 7a 65 3a 22 6e 75 6d 62 65 72 22 3d 3d 74 79 70 65 6f 66 20 65 2e 63 6f 6c 75 6d 6e 57 69 64 74 68 3f 65 2e 63 6f 6c 75 6d 6e 57 69 64 74 68 3a 6e 75 6c 6c 2c 6e 65 78 74 53 63 72 6f 6c 6c 54 6f 49 6e 64 65 78 3a 65 2e 73 63 72 6f 6c 6c 54 6f 43 6f 6c 75 6d 6e 2c 73 63 72 6f 6c 6c 54 6f 49 Data Ascii: ,computeMetadataCallback:function(){return a.columnSizeAndPositionManager.resetCell(0)},computeMetadataCallbackProps:e,nextCellsCount:e.columnCount,nextCellSize:"number"==typeof e.columnWidth?e.columnWidth:null,nextScrollToIndex:e.scrollToColumn,scrollToI
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 5f 6d 61 79 62 65 4d 65 61 73 75 72 65 43 65 6c 6c 28 29 7d 7d 2c 7b 6b 65 79 3a 22 72 65 6e 64 65 72 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 70 72 6f 70 73 2e 63 68 69 6c 64 72 65 6e 3b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 3f 65 28 7b 6d 65 61 73 75 72 65 3a 74 68 69 73 2e 5f 6d 65 61 73 75 72 65 2c 72 65 67 69 73 74 65 72 43 68 69 6c 64 3a 74 68 69 73 2e 5f 72 65 67 69 73 74 65 72 43 68 69 6c 64 7d 29 3a 65 7d 7d 2c 7b 6b 65 79 3a 22 5f 67 65 74 43 65 6c 6c 4d 65 61 73 75 72 65 6d 65 6e 74 73 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 70 72 6f 70 73 2e Data Ascii: value:function(){this._maybeMeasureCell()}},{key:"render",value:function(){var e=this.props.children;return"function"==typeof e?e({measure:this._measure,registerChild:this._registerChild}):e}},{key:"_getCellMeasurements",value:function(){var e=this.props.
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 64 65 78 3a 6c 2c 73 74 6f 70 49 6e 64 65 78 3a 63 7d 29 7d 69 66 28 61 2e 6c 65 6e 67 74 68 29 66 6f 72 28 76 61 72 20 66 3d 61 5b 30 5d 3b 66 2e 73 74 6f 70 49 6e 64 65 78 2d 66 2e 73 74 61 72 74 49 6e 64 65 78 2b 31 3c 6e 26 26 66 2e 73 74 61 72 74 49 6e 64 65 78 3e 30 3b 29 7b 76 61 72 20 70 3d 66 2e 73 74 61 72 74 49 6e 64 65 78 2d 31 3b 69 66 28 74 28 7b 69 6e 64 65 78 3a 70 7d 29 29 62 72 65 61 6b 3b 66 2e 73 74 61 72 74 49 6e 64 65 78 3d 70 7d 72 65 74 75 72 6e 20 61 7d 28 7b 69 73 52 6f 77 4c 6f 61 64 65 64 3a 69 2c 6d 69 6e 69 6d 75 6d 42 61 74 63 68 53 69 7a 65 3a 61 2c 72 6f 77 43 6f 75 6e 74 3a 63 2c 73 74 61 72 74 49 6e 64 65 78 3a 4d 61 74 68 2e 6d 61 78 28 30 2c 65 2d 73 29 2c 73 74 6f 70 49 6e 64 65 78 3a 4d 61 74 68 2e 6d 69 6e 28 63 2d Data Ascii: dex:l,stopIndex:c})}if(a.length)for(var f=a[0];f.stopIndex-f.startIndex+1<n&&f.startIndex>0;){var p=f.startIndex-1;if(t({index:p}))break;f.startIndex=p}return a}({isRowLoaded:i,minimumBatchSize:a,rowCount:c,startIndex:Math.max(0,e-s),stopIndex:Math.min(c-
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 68 69 73 2e 5f 70 6f 73 69 74 69 6f 6e 43 61 63 68 65 2e 73 65 74 50 6f 73 69 74 69 6f 6e 28 69 2c 6c 2c 63 2c 72 2e 67 65 74 48 65 69 67 68 74 28 69 29 29 7d 7d 7d 5d 2c 5b 7b 6b 65 79 3a 22 67 65 74 44 65 72 69 76 65 64 53 74 61 74 65 46 72 6f 6d 50 72 6f 70 73 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 76 6f 69 64 20 30 21 3d 3d 65 2e 73 63 72 6f 6c 6c 54 6f 70 26 26 74 2e 73 63 72 6f 6c 6c 54 6f 70 21 3d 3d 65 2e 73 63 72 6f 6c 6c 54 6f 70 3f 7b 69 73 53 63 72 6f 6c 6c 69 6e 67 3a 21 30 2c 73 63 72 6f 6c 6c 54 6f 70 3a 65 2e 73 63 72 6f 6c 6c 54 6f 70 7d 3a 6e 75 6c 6c 7d 7d 5d 29 2c 74 7d 28 6d 2e 50 75 72 65 43 6f 6d 70 6f 6e 65 6e 74 29 2c 28 30 2c 70 2e 5a 29 28 61 74 2c 22 70 72 6f 70 54 79 70 65 73 22 Data Ascii: his._positionCache.setPosition(i,l,c,r.getHeight(i))}}}],[{key:"getDerivedStateFromProps",value:function(e,t){return void 0!==e.scrollTop&&t.scrollTop!==e.scrollTop?{isScrolling:!0,scrollTop:e.scrollTop}:null}}]),t}(m.PureComponent),(0,p.Z)(at,"propTypes"

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:18 UTC	1469	OUT	GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
2024-10-14 03:48:18 UTC	1429	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:18 GMT Content-Type: application/javascript Content-Length: 5339 Connection: close Set-Cookie: AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773a8c33db" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:18 UTC	5339	IN	Data Raw: 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 73 68 61 72 65 66 69 6c 65 64 65 76 5f 73 68 61 72 65 66 69 6c 65 5f 61 70 70 73 68 65 6c 6c 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 73 68 61 72 65 66 69 6c 65 64 65 76 5f 73 68 61 72 65 66 69 6c 65 5f 61 70 70 73 68 65 6c 6c 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 31 38 36 33 5d 2c 7b 36 36 35 33 33 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 2c 6f 29 7b 76 61 72 20 65 3d 6f 28 38 30 38 31 29 2c 66 3d 6f 28 32 33 36 34 35 29 2c 72 3d 6f 28 36 31 36 36 37 29 2c 69 3d 6f 28 34 34 35 35 30 29 2c 61 3d 6f 28 31 37 39 37 29 2c 73 3d 6f 28 38 35 34 39 33 29 2c 63 3d 6f 28 36 36 34 30 36 29 2c 6c 3d 6f 28 32 36 30 38 32 29 2c 70 3d 6f 28 34 34 30 39 33 29 2c 75 3d 6f 28 33 35 37 31 35 29 2c 64 Data Ascii: (self.webpackChunk_sharefiledev_sharefile_appshell=self.webpackChunk_sharefiledev_sharefile_appshell\|\|[]).push([[1863],{66533:function(n,t,o){var e=o(8081),f=o(23645),r=o(61667),i=o(44550),a=o(1797),s=o(85493),c=o(66406),l=o(26082),p=o(44093),u=o(35715),d

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:18 UTC	1469	OUT	GET /bundles/92fe442fb8f2d1f7093b.js HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALBTGCORS=DsOl/dmM/SgSp7azb3JSc1IXxwZyCy/mxXszm0AdDQKcJX281XAwKbPg53Jkc3qMLkJ7Ajm8aP1pwA0NC7DxcGD5zBs799pKYvT+bE71Wjfw8W6KhyvXKKye3gVk4bPN5lFaJvzy1YGHxU3gmNENXTXNEvQonz9M3Jp04s5ikEcH; AWSALB=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H; AWSALBCORS=ITc3gJgjhcZsX0AMtunpz/Wk8S9vi0b4iD73QNIbjnGC+tEMJWzt96VR23rqruEAdqmChRUtKFhp1bgsckbT3vVL2y8FIJZYi+aBZKaNS7a3/OnL9cpjTeWqrg3H
2024-10-14 03:48:18 UTC	1431	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:18 GMT Content-Type: application/javascript Content-Length: 310527 Connection: close Set-Cookie: AWSALBTG=+vcv8yA69WA5oAUdhoSR3mFoYJS89P73Ye3plim1eklKNEIYnEwAqzPl95pqbhtW1+wIrsVFYVuoj4k9YN9qaomKOOuvixSX7m29lYU6TDPwIDdLbBA+ZdddbB3ed7xIn//PpP4FbW/157Mi3/sndNBbCLWOS6qBOttYWHwoY51P; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBTGCORS=+vcv8yA69WA5oAUdhoSR3mFoYJS89P73Ye3plim1eklKNEIYnEwAqzPl95pqbhtW1+wIrsVFYVuoj4k9YN9qaomKOOuvixSX7m29lYU6TDPwIDdLbBA+ZdddbB3ed7xIn//PpP4FbW/157Mi3/sndNBbCLWOS6qBOttYWHwoY51P; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=oZR+MD5SiWEGbMN+YIncNJf/+KeTlG+B1sQ5lh1lubg2Ly6bX/Z2zW7UIV6MkDYnuuyiEn6QlbbTAm5IJjqKPvmcXfZ32j10od6pDoIDzI6aJcoWHvjnh9qkQfOU; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBCORS=oZR+MD5SiWEGbMN+YIncNJf/+KeTlG+B1sQ5lh1lubg2Ly6bX/Z2zW7UIV6MkDYnuuyiEn6QlbbTAm5IJjqKPvmcXfZ32j10od6pDoIDzI6aJcoWHvjnh9qkQfOU; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773a889bff" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:18 UTC	8459	IN	Data Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 73 68 61 72 65 66 69 6c 65 64 65 76 5f 73 68 61 72 65 66 69 6c 65 5f 61 70 70 73 68 65 6c 6c 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 73 68 61 72 65 66 69 6c 65 64 65 76 5f 73 68 61 72 65 66 69 6c 65 5f 61 70 70 73 68 65 6c 6c 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 31 33 36 30 5d 2c 7b 33 31 33 36 30 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 65 2c 6e 29 7b 6e 2e 72 28 65 29 2c 6e 2e 64 28 65 2c 7b 42 72 65 61 64 63 72 75 6d 62 73 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 44 6f 7d 2c 42 72 6f 77 73 65 72 43 6c 69 65 6e 74 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 41 73 7d 2c 42 72 6f 77 73 65 72 50 72 6f 66 69 6c 69 6e 67 Data Ascii: "use strict";(self.webpackChunk_sharefiledev_sharefile_appshell=self.webpackChunk_sharefiledev_sharefile_appshell\|\|[]).push([[1360],{31360:function(t,e,n){n.r(e),n.d(e,{Breadcrumbs:function(){return Do},BrowserClient:function(){return As},BrowserProfiling
2024-10-14 03:48:18 UTC	7925	IN	Data Raw: 7b 74 3d 21 31 7d 2c 69 73 45 6e 61 62 6c 65 64 3a 28 29 3d 3e 74 7d 3b 72 65 74 75 72 6e 20 4d 3f 4f 2e 66 6f 72 45 61 63 68 28 28 6e 3d 3e 7b 65 5b 6e 5d 3d 28 2e 2e 2e 65 29 3d 3e 7b 74 26 26 44 28 28 28 29 3d 3e 7b 62 2e 63 6f 6e 73 6f 6c 65 5b 6e 5d 28 60 53 65 6e 74 72 79 20 4c 6f 67 67 65 72 20 5b 24 7b 6e 7d 5d 3a 60 2c 2e 2e 2e 65 29 7d 29 29 7d 7d 29 29 3a 4f 2e 66 6f 72 45 61 63 68 28 28 74 3d 3e 7b 65 5b 74 5d 3d 28 29 3d 3e 7b 7d 7d 29 29 2c 65 7d 28 29 3b 66 75 6e 63 74 69 6f 6e 20 4c 28 74 2c 65 3d 30 29 7b 72 65 74 75 72 6e 22 73 74 72 69 6e 67 22 21 3d 74 79 70 65 6f 66 20 74 7c 7c 30 3d 3d 3d 65 7c 7c 74 2e 6c 65 6e 67 74 68 3c 3d 65 3f 74 3a 60 24 7b 74 2e 73 6c 69 63 65 28 30 2c 65 29 7d 2e 2e 2e 60 7d 66 75 6e 63 74 69 6f 6e 20 50 28 Data Ascii: {t=!1},isEnabled:()=>t};return M?O.forEach((n=>{e[n]=(...e)=>{t&&D((()=>{b.console[n](`Sentry Logger [${n}]:`,...e)}))}})):O.forEach((t=>{e[t]=()=>{}})),e}();function L(t,e=0){return"string"!=typeof t\|\|0===e\|\|t.length<=e?t:`${t.slice(0,e)}...`}function P(
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 2d 39 61 2d 66 5d 7b 33 32 7d 29 3f 2d 3f 28 5b 30 2d 39 61 2d 66 5d 7b 31 36 7d 29 3f 2d 3f 28 5b 30 31 5d 29 3f 5b 20 5c 5c 74 5d 2a 24 22 29 3b 66 75 6e 63 74 69 6f 6e 20 43 74 28 74 29 7b 69 66 28 21 74 29 72 65 74 75 72 6e 3b 63 6f 6e 73 74 20 65 3d 74 2e 6d 61 74 63 68 28 54 74 29 3b 69 66 28 21 65 29 72 65 74 75 72 6e 3b 6c 65 74 20 6e 3b 72 65 74 75 72 6e 22 31 22 3d 3d 3d 65 5b 33 5d 3f 6e 3d 21 30 3a 22 30 22 3d 3d 3d 65 5b 33 5d 26 26 28 6e 3d 21 31 29 2c 7b 74 72 61 63 65 49 64 3a 65 5b 31 5d 2c 70 61 72 65 6e 74 53 61 6d 70 6c 65 64 3a 6e 2c 70 61 72 65 6e 74 53 70 61 6e 49 64 3a 65 5b 32 5d 7d 7d 66 75 6e 63 74 69 6f 6e 20 49 74 28 74 2c 65 29 7b 63 6f 6e 73 74 20 6e 3d 43 74 28 74 29 2c 72 3d 77 74 28 65 29 2c 7b 74 72 61 63 65 49 64 3a 73 Data Ascii: -9a-f]{32})?-?([0-9a-f]{16})?-?([01])?[ \\t]*$");function Ct(t){if(!t)return;const e=t.match(Tt);if(!e)return;let n;return"1"===e[3]?n=!0:"0"===e[3]&&(n=!1),{traceId:e[1],parentSampled:n,parentSpanId:e[2]}}function It(t,e){const n=Ct(t),r=wt(e),{traceId:s
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 4f 62 6a 65 63 74 2e 67 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 74 29 3b 72 65 74 75 72 6e 20 65 3f 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 2e 6e 61 6d 65 3a 22 6e 75 6c 6c 20 70 72 6f 74 6f 74 79 70 65 22 7d 28 65 29 3b 72 65 74 75 72 6e 2f 5e 48 54 4d 4c 28 5c 77 2a 29 45 6c 65 6d 65 6e 74 24 2f 2e 74 65 73 74 28 73 29 3f 60 5b 48 54 4d 4c 45 6c 65 6d 65 6e 74 3a 20 24 7b 73 7d 5d 60 3a 60 5b 6f 62 6a 65 63 74 20 24 7b 73 7d 5d 60 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 60 2a 2a 6e 6f 6e 2d 73 65 72 69 61 6c 69 7a 61 62 6c 65 2a 2a 20 28 24 7b 74 7d 29 60 7d 76 61 72 20 72 7d 28 74 2c 65 29 3b 69 66 28 21 63 2e 73 74 61 72 74 73 57 69 74 68 28 22 5b 6f 62 6a 65 63 74 20 22 29 29 72 65 74 75 72 6e 20 63 3b 69 66 28 65 2e 5f 5f 73 65 6e 74 72 79 Data Ascii: Object.getPrototypeOf(t);return e?e.constructor.name:"null prototype"}(e);return/^HTML(\w)Element$/.test(s)?`[HTMLElement: ${s}]`:`[object ${s}]`}catch(t){return`non-serializable* (${t})`}var r}(t,e);if(!c.startsWith("[object "))return c;if(e.__sentry
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 63 6f 6e 73 74 72 75 63 74 6f 72 28 74 29 7b 69 66 28 74 68 69 73 2e 5f 6f 70 74 69 6f 6e 73 3d 74 2c 74 68 69 73 2e 5f 69 6e 74 65 67 72 61 74 69 6f 6e 73 3d 7b 7d 2c 74 68 69 73 2e 5f 69 6e 74 65 67 72 61 74 69 6f 6e 73 49 6e 69 74 69 61 6c 69 7a 65 64 3d 21 31 2c 74 68 69 73 2e 5f 6e 75 6d 50 72 6f 63 65 73 73 69 6e 67 3d 30 2c 74 68 69 73 2e 5f 6f 75 74 63 6f 6d 65 73 3d 7b 7d 2c 74 68 69 73 2e 5f 68 6f 6f 6b 73 3d 7b 7d 2c 74 68 69 73 2e 5f 65 76 65 6e 74 50 72 6f 63 65 73 73 6f 72 73 3d 5b 5d 2c 74 2e 64 73 6e 3f 74 68 69 73 2e 5f 64 73 6e 3d 62 6e 28 74 2e 64 73 6e 29 3a 4b 26 26 4e 2e 77 61 72 6e 28 22 4e 6f 20 44 53 4e 20 70 72 6f 76 69 64 65 64 2c 20 63 6c 69 65 6e 74 20 77 69 6c 6c 20 6e 6f 74 20 73 65 6e 64 20 65 76 65 6e 74 73 2e 22 29 2c 74 Data Ascii: constructor(t){if(this._options=t,this._integrations={},this._integrationsInitialized=!1,this._numProcessing=0,this._outcomes={},this._hooks={},this._eventProcessors=[],t.dsn?this._dsn=bn(t.dsn):K&&N.warn("No DSN provided, client will not send events."),t
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 61 6d 65 3d 74 2e 6e 61 6d 65 7c 7c 22 22 2c 74 68 69 73 2e 5f 6d 65 74 61 64 61 74 61 3d 7b 2e 2e 2e 74 2e 6d 65 74 61 64 61 74 61 7d 2c 74 68 69 73 2e 5f 74 72 69 6d 45 6e 64 3d 74 2e 74 72 69 6d 45 6e 64 2c 74 68 69 73 2e 74 72 61 6e 73 61 63 74 69 6f 6e 3d 74 68 69 73 3b 63 6f 6e 73 74 20 6e 3d 74 68 69 73 2e 5f 6d 65 74 61 64 61 74 61 2e 64 79 6e 61 6d 69 63 53 61 6d 70 6c 69 6e 67 43 6f 6e 74 65 78 74 3b 6e 26 26 28 74 68 69 73 2e 5f 66 72 6f 7a 65 6e 44 79 6e 61 6d 69 63 53 61 6d 70 6c 69 6e 67 43 6f 6e 74 65 78 74 3d 7b 2e 2e 2e 6e 7d 29 7d 67 65 74 20 6e 61 6d 65 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 6e 61 6d 65 7d 73 65 74 20 6e 61 6d 65 28 74 29 7b 74 68 69 73 2e 73 65 74 4e 61 6d 65 28 74 29 7d 67 65 74 20 6d 65 74 61 64 61 74 61 28 Data Ascii: ame=t.name\|\|"",this._metadata={...t.metadata},this._trimEnd=t.trimEnd,this.transaction=this;const n=this._metadata.dynamicSamplingContext;n&&(this._frozenDynamicSamplingContext={...n})}get name(){return this._name}set name(t){this.setName(t)}get metadata(
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 73 64 6b 3d 7b 6e 61 6d 65 3a 60 73 65 6e 74 72 79 2e 6a 61 76 61 73 63 72 69 70 74 2e 24 7b 65 7d 60 2c 70 61 63 6b 61 67 65 73 3a 6e 2e 6d 61 70 28 28 74 3d 3e 28 7b 6e 61 6d 65 3a 60 24 7b 72 7d 3a 40 73 65 6e 74 72 79 2f 24 7b 74 7d 60 2c 76 65 72 73 69 6f 6e 3a 56 74 7d 29 29 29 2c 76 65 72 73 69 6f 6e 3a 56 74 7d 29 2c 74 2e 5f 6d 65 74 61 64 61 74 61 3d 73 7d 76 61 72 20 76 73 3d 6e 28 36 38 35 31 38 29 3b 63 6f 6e 73 74 20 62 73 3d 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 5f 5f 53 45 4e 54 52 59 5f 44 45 42 55 47 5f 5f 7c 7c 5f 5f 53 45 4e 54 52 59 5f 44 45 42 55 47 5f 5f 3b 66 75 6e 63 74 69 6f 6e 20 53 73 28 74 2c 65 29 7b 63 6f 6e 73 74 20 6e 3d 77 73 28 74 2c 65 29 2c 72 3d 7b 74 79 70 65 3a 65 26 26 65 2e 6e 61 6d 65 2c 76 Data Ascii: sdk={name:`sentry.javascript.${e}`,packages:n.map((t=>({name:`${r}:@sentry/${t}`,version:Vt}))),version:Vt}),t._metadata=s}var vs=n(68518);const bs="undefined"==typeof __SENTRY_DEBUG__\|\|__SENTRY_DEBUG__;function Ss(t,e){const n=ws(t,e),r={type:e&&e.name,v
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 67 65 72 70 72 69 6e 74 3b 69 66 28 21 6e 26 26 21 72 29 72 65 74 75 72 6e 21 30 3b 69 66 28 6e 26 26 21 72 7c 7c 21 6e 26 26 72 29 72 65 74 75 72 6e 21 31 3b 74 72 79 7b 72 65 74 75 72 6e 21 28 6e 2e 6a 6f 69 6e 28 22 22 29 21 3d 3d 72 2e 6a 6f 69 6e 28 22 22 29 29 7d 63 61 74 63 68 28 74 29 7b 72 65 74 75 72 6e 21 31 7d 7d 66 75 6e 63 74 69 6f 6e 20 42 6f 28 74 29 7b 72 65 74 75 72 6e 20 74 2e 65 78 63 65 70 74 69 6f 6e 26 26 74 2e 65 78 63 65 70 74 69 6f 6e 2e 76 61 6c 75 65 73 26 26 74 2e 65 78 63 65 70 74 69 6f 6e 2e 76 61 6c 75 65 73 5b 30 5d 7d 66 75 6e 63 74 69 6f 6e 20 55 6f 28 74 29 7b 63 6f 6e 73 74 20 65 3d 74 2e 65 78 63 65 70 74 69 6f 6e 3b 69 66 28 65 29 74 72 79 7b 72 65 74 75 72 6e 20 65 2e 76 61 6c 75 65 73 5b 30 5d 2e 73 74 61 63 6b 74 Data Ascii: gerprint;if(!n&&!r)return!0;if(n&&!r\|\|!n&&r)return!1;try{return!(n.join("")!==r.join(""))}catch(t){return!1}}function Bo(t){return t.exception&&t.exception.values&&t.exception.values[0]}function Uo(t){const e=t.exception;if(e)try{return e.values[0].stackt
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 6e 2c 72 2c 73 29 3a 72 3a 52 61 28 74 2c 72 29 3a 72 7d 66 75 6e 63 74 69 6f 6e 20 44 61 28 74 2c 65 2c 6e 29 7b 72 65 74 75 72 6e 28 22 76 69 64 65 6f 22 3d 3d 3d 74 7c 7c 22 61 75 64 69 6f 22 3d 3d 3d 74 29 26 26 22 61 75 74 6f 70 6c 61 79 22 3d 3d 3d 65 7d 66 75 6e 63 74 69 6f 6e 20 4e 61 28 74 2c 65 2c 6e 3d 31 2f 30 2c 72 3d 30 29 7b 72 65 74 75 72 6e 20 74 3f 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 74 2e 45 4c 45 4d 45 4e 54 5f 4e 4f 44 45 7c 7c 72 3e 6e 3f 2d 31 3a 65 28 74 29 3f 72 3a 4e 61 28 74 2e 70 61 72 65 6e 74 4e 6f 64 65 2c 65 2c 6e 2c 72 2b 31 29 3a 2d 31 7d 66 75 6e 63 74 69 6f 6e 20 4c 61 28 74 2c 65 29 7b 72 65 74 75 72 6e 20 6e 3d 3e 7b 63 6f 6e 73 74 20 72 3d 6e 3b 69 66 28 6e 75 6c 6c 3d 3d 3d 72 29 72 65 74 75 72 6e 21 31 3b 74 72 Data Ascii: n,r,s):r:Ra(t,r):r}function Da(t,e,n){return("video"===t\|\|"audio"===t)&&"autoplay"===e}function Na(t,e,n=1/0,r=0){return t?t.nodeType!==t.ELEMENT_NODE\|\|r>n?-1:e(t)?r:Na(t.parentNode,e,n,r+1):-1}function La(t,e){return n=>{const r=n;if(null===r)return!1;tr
2024-10-14 03:48:18 UTC	16384	IN	Data Raw: 65 28 29 2e 68 6f 73 74 29 2c 65 7d 66 75 6e 63 74 69 6f 6e 20 61 63 28 74 29 7b 63 6f 6e 73 74 20 65 3d 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3b 69 66 28 21 65 29 72 65 74 75 72 6e 21 31 3b 63 6f 6e 73 74 20 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 6c 65 74 20 65 2c 6e 3d 74 3b 66 6f 72 28 3b 65 3d 69 63 28 6e 29 3b 29 6e 3d 65 3b 72 65 74 75 72 6e 20 6e 7d 28 74 29 3b 72 65 74 75 72 6e 20 65 2e 63 6f 6e 74 61 69 6e 73 28 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 63 63 28 74 29 7b 63 6f 6e 73 74 20 65 3d 74 2e 6f 77 6e 65 72 44 6f 63 75 6d 65 6e 74 3b 72 65 74 75 72 6e 21 21 65 26 26 28 65 2e 63 6f 6e 74 61 69 6e 73 28 74 29 7c 7c 61 63 28 74 29 29 7d 66 75 6e 63 74 69 6f 6e 20 75 63 28 2e 2e 2e 74 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 Data Ascii: e().host),e}function ac(t){const e=t.ownerDocument;if(!e)return!1;const n=function(t){let e,n=t;for(;e=ic(n);)n=e;return n}(t);return e.contains(n)}function cc(t){const e=t.ownerDocument;return!!e&&(e.contains(t)\|\|ac(t))}function uc(...t){return function(

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:18 UTC	564	OUT	GET /agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js HTTP/1.1 Host: citrix-sharefile-content.customer.pendo.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:18 UTC	900	IN	HTTP/1.1 200 OK accept-ranges: bytes access-control-allow-origin: * access-control-expose-headers: * cache-control: max-age=450 content-type: application/javascript; charset=utf-8 date: Mon, 14 Oct 2024 03:48:18 GMT etag: "cab40547f5010262f136e37b7e1a9336" expires: Mon, 14 Oct 2024 03:55:48 GMT last-modified: Mon, 14 Oct 2024 03:14:41 GMT server: istio-envoy vary: Accept-Encoding x-goog-generation: 1728875681811486 x-goog-hash: crc32c=OsL4XA== x-goog-hash: md5=yrQFR/UBAmLxNuN7fhqTNg== x-goog-metageneration: 1 x-goog-storage-class: STANDARD x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 163901 x-guploader-uploadid: AHmUCY0wUZrBm_t7G3pFsz8t6uk-D9PP9gwp_tmCAzNdOwEzvaNp2lpq21DDMNdipI3jBhMSR5I x-envoy-upstream-service-time: 39 Via: 1.1 google Strict-Transport-Security: max-age=63072000 Alt-Svc: clear Connection: close Transfer-Encoding: chunked
2024-10-14 03:48:18 UTC	490	IN	Data Raw: 31 30 30 30 0d 0a 2f 2f 20 50 65 6e 64 6f 20 41 67 65 6e 74 20 57 72 61 70 70 65 72 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 34 20 50 65 6e 64 6f 2e 69 6f 2c 20 49 6e 63 2e 0a 2f 2f 20 45 6e 76 69 72 6f 6e 6d 65 6e 74 3a 20 20 20 20 70 72 6f 64 75 63 74 69 6f 6e 0a 2f 2f 20 41 67 65 6e 74 20 56 65 72 73 69 6f 6e 3a 20 20 32 2e 32 35 30 2e 31 0a 2f 2f 20 49 6e 73 74 61 6c 6c 65 64 3a 20 20 20 20 20 20 32 30 32 34 2d 31 30 2d 31 34 54 30 33 3a 31 34 3a 34 30 5a 0a 28 66 75 6e 63 74 69 6f 6e 20 28 50 65 6e 64 6f 43 6f 6e 66 69 67 29 20 7b 0a 2f 2a 0a 40 6c 69 63 65 6e 73 65 20 68 74 74 70 73 3a 2f 2f 61 67 65 6e 74 2e 70 65 6e 64 6f 2e 69 6f 2f 6c 69 63 65 6e 73 65 73 0a 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 57 62 2c 4b 62 2c 71 62 29 7b 21 66 75 Data Ascii: 1000// Pendo Agent Wrapper// Copyright 2024 Pendo.io, Inc.// Environment: production// Agent Version: 2.250.1// Installed: 2024-10-14T03:14:40Z(function (PendoConfig) {/@license https://agent.pendo.io/licenses/!function(Wb,Kb,qb){!fu
2024-10-14 03:48:18 UTC	1390	IN	Data Raw: 72 3d 74 68 69 73 2e 6c 65 6e 67 74 68 2c 6f 3d 65 7c 7c 30 2c 61 3d 28 74 3c 30 3f 72 2b 74 3a 74 7c 7c 72 29 2d 28 6f 3d 30 3c 3d 6f 3f 6f 3a 72 2b 6f 29 3b 69 66 28 30 3c 61 29 69 66 28 69 3d 6e 65 77 20 41 72 72 61 79 28 61 29 2c 74 68 69 73 2e 63 68 61 72 41 74 29 66 6f 72 28 6e 3d 30 3b 6e 3c 61 3b 6e 2b 2b 29 69 5b 6e 5d 3d 74 68 69 73 2e 63 68 61 72 41 74 28 6f 2b 6e 29 3b 65 6c 73 65 20 66 6f 72 28 6e 3d 30 3b 6e 3c 61 3b 6e 2b 2b 29 69 5b 6e 5d 3d 74 68 69 73 5b 6f 2b 6e 5d 3b 72 65 74 75 72 6e 20 69 7d 7d 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 74 72 69 6d 7c 7c 28 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 74 72 69 6d 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 72 65 70 6c 61 63 65 28 2f 5e 5b 5c Data Ascii: r=this.length,o=e\|\|0,a=(t<0?r+t:t\|\|r)-(o=0<=o?o:r+o);if(0<a)if(i=new Array(a),this.charAt)for(n=0;n<a;n++)i[n]=this.charAt(o+n);else for(n=0;n<a;n++)i[n]=this[o+n];return i}}String.prototype.trim\|\|(String.prototype.trim=function(){return this.replace(/^[\
2024-10-14 03:48:18 UTC	1390	IN	Data Raw: 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 61 28 22 68 65 78 22 29 3b 28 74 3d 69 3f 63 28 74 29 3a 74 29 2e 63 72 65 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 6c 7d 2c 74 2e 75 70 64 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 74 2e 63 72 65 61 74 65 28 29 2e 75 70 64 61 74 65 28 65 29 7d 3b 66 6f 72 28 76 61 72 20 65 3d 30 3b 65 3c 72 2e 6c 65 6e 67 74 68 3b 2b 2b 65 29 7b 76 61 72 20 6e 3d 72 5b 65 5d 3b 74 5b 6e 5d 3d 61 28 6e 29 7d 72 65 74 75 72 6e 20 74 7d 2c 63 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 6e 3d 65 76 61 6c 28 22 72 65 71 75 69 72 65 28 27 63 72 79 70 74 6f 27 29 22 29 2c 69 3d 65 76 61 6c 28 22 72 65 71 75 69 72 65 28 27 62 75 66 66 65 72 27 29 2e 42 Data Ascii: d=function(){var t=a("hex");(t=i?c(t):t).create=function(){return new l},t.update=function(e){return t.create().update(e)};for(var e=0;e<r.length;++e){var n=r[e];t[n]=a(n)}return t},c=function(t){var n=eval("require('crypto')"),i=eval("require('buffer').B
2024-10-14 03:48:18 UTC	834	IN	Data Raw: 3d 28 32 32 34 7c 74 3e 3e 31 32 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 3a 28 74 3d 36 35 35 33 36 2b 28 28 31 30 32 33 26 74 29 3c 3c 31 30 7c 31 30 32 33 26 65 2e 63 68 61 72 43 6f 64 65 41 74 28 2b 2b 72 29 29 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 32 34 30 7c 74 3e 3e 31 38 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 31 32 38 7c 74 3e 3e 31 32 26 36 33 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 29 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 31 32 38 7c 74 3e 3e 36 26 36 33 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 29 2c 61 5b 6e 3e 3e 32 5d 7c 3d 28 31 32 38 7c 36 33 26 74 29 3c 3c 75 5b 33 26 6e 2b 2b 5d 29 3b 74 68 69 73 2e 6c 61 73 74 42 79 74 65 49 6e 64 65 78 3d 6e 2c 74 68 69 73 2e 62 79 74 65 73 2b 3d 6e 2d 74 68 69 73 2e 73 74 61 72 74 2c 36 34 3c 3d 6e 3f 28 74 Data Ascii: =(224\|t>>12)<<u[3&n++]:(t=65536+((1023&t)<<10\|1023&e.charCodeAt(++r)),a[n>>2]\|=(240\|t>>18)<<u[3&n++],a[n>>2]\|=(128\|t>>12&63)<<u[3&n++]),a[n>>2]\|=(128\|t>>6&63)<<u[3&n++]),a[n>>2]\|=(128\|63&t)<<u[3&n++]);this.lastByteIndex=n,this.bytes+=n-this.start,64<=n?(t
2024-10-14 03:48:18 UTC	1390	IN	Data Raw: 31 30 30 30 0d 0a 6e 28 29 7b 66 6f 72 28 76 61 72 20 65 2c 74 3d 74 68 69 73 2e 68 30 2c 6e 3d 74 68 69 73 2e 68 31 2c 69 3d 74 68 69 73 2e 68 32 2c 72 3d 74 68 69 73 2e 68 33 2c 6f 3d 74 68 69 73 2e 68 34 2c 61 3d 74 68 69 73 2e 62 6c 6f 63 6b 73 2c 73 3d 31 36 3b 73 3c 38 30 3b 2b 2b 73 29 65 3d 61 5b 73 2d 33 5d 5e 61 5b 73 2d 38 5d 5e 61 5b 73 2d 31 34 5d 5e 61 5b 73 2d 31 36 5d 2c 61 5b 73 5d 3d 65 3c 3c 31 7c 65 3e 3e 3e 33 31 3b 66 6f 72 28 73 3d 30 3b 73 3c 32 30 3b 73 2b 3d 35 29 74 3d 28 65 3d 28 6e 3d 28 65 3d 28 69 3d 28 65 3d 28 72 3d 28 65 3d 28 6f 3d 28 65 3d 74 3c 3c 35 7c 74 3e 3e 3e 32 37 29 2b 28 6e 26 69 7c 7e 6e 26 72 29 2b 6f 2b 31 35 31 38 35 30 30 32 34 39 2b 61 5b 73 5d 3c 3c 30 29 3c 3c 35 7c 6f 3e 3e 3e 32 37 29 2b 28 74 26 28 Data Ascii: 1000n(){for(var e,t=this.h0,n=this.h1,i=this.h2,r=this.h3,o=this.h4,a=this.blocks,s=16;s<80;++s)e=a[s-3]^a[s-8]^a[s-14]^a[s-16],a[s]=e<<1\|e>>>31;for(s=0;s<20;s+=5)t=(e=(n=(e=(i=(e=(r=(e=(o=(e=t<<5\|t>>>27)+(n&i\|~n&r)+o+1518500249+a[s]<<0)<<5\|o>>>27)+(t&(
2024-10-14 03:48:18 UTC	1390	IN	Data Raw: 5e 28 6f 3d 6f 3c 3c 33 30 7c 6f 3e 3e 3e 32 29 5e 74 29 2b 6e 2d 38 39 39 34 39 37 35 31 34 2b 61 5b 73 2b 33 5d 3c 3c 30 29 3c 3c 35 7c 6e 3e 3e 3e 32 37 29 2b 28 69 5e 28 72 3d 72 3c 3c 33 30 7c 72 3e 3e 3e 32 29 5e 6f 29 2b 74 2d 38 39 39 34 39 37 35 31 34 2b 61 5b 73 2b 34 5d 3c 3c 30 2c 69 3d 69 3c 3c 33 30 7c 69 3e 3e 3e 32 3b 74 68 69 73 2e 68 30 3d 74 68 69 73 2e 68 30 2b 74 3c 3c 30 2c 74 68 69 73 2e 68 31 3d 74 68 69 73 2e 68 31 2b 6e 3c 3c 30 2c 74 68 69 73 2e 68 32 3d 74 68 69 73 2e 68 32 2b 69 3c 3c 30 2c 74 68 69 73 2e 68 33 3d 74 68 69 73 2e 68 33 2b 72 3c 3c 30 2c 74 68 69 73 2e 68 34 3d 74 68 69 73 2e 68 34 2b 6f 3c 3c 30 7d 2c 6c 2e 70 72 6f 74 6f 74 79 70 65 2e 68 65 78 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 66 69 6e 61 6c Data Ascii: ^(o=o<<30\|o>>>2)^t)+n-899497514+a[s+3]<<0)<<5\|n>>>27)+(i^(r=r<<30\|r>>>2)^o)+t-899497514+a[s+4]<<0,i=i<<30\|i>>>2;this.h0=this.h0+t<<0,this.h1=this.h1+n<<0,this.h2=this.h2+i<<0,this.h3=this.h3+r<<0,this.h4=this.h4+o<<0},l.prototype.hex=function(){this.final
2024-10-14 03:48:18 UTC	1324	IN	Data Raw: 74 29 2c 74 2e 65 78 70 6f 72 74 73 29 2c 4c 3d 65 28 69 29 2c 72 2c 6f 3d 7b 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 2c 63 72 65 61 74 65 48 54 4d 4c 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 7d 7d 3b 66 75 6e 63 74 69 6f 6e 20 78 65 28 65 29 7b 72 65 74 75 72 6e 20 72 7c 7c 28 72 3d 65 2e 74 72 75 73 74 65 64 54 79 70 65 73 50 6f 6c 69 63 79 7c 7c 28 57 62 2e 74 72 75 73 74 65 64 54 79 70 65 73 26 26 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 57 62 2e 74 72 75 73 74 65 64 54 79 70 65 73 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 3f 57 62 2e 74 72 75 73 74 65 64 54 79 70 65 73 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 70 65 6e 64 6f 22 2c 6f 29 3a 6f Data Ascii: t),t.exports),L=e(i),r,o={createScriptURL:function(e){return e},createHTML:function(e){return e}};function xe(e){return r\|\|(r=e.trustedTypesPolicy\|\|(Wb.trustedTypes&&"function"==typeof Wb.trustedTypes.createPolicy?Wb.trustedTypes.createPolicy("pendo",o):o
2024-10-14 03:48:18 UTC	1390	IN	Data Raw: 31 30 30 30 0d 0a 24 22 29 3a 73 29 69 6e 73 74 61 6e 63 65 6f 66 20 52 65 67 45 78 70 26 26 73 2e 74 65 73 74 28 74 2e 68 6f 73 74 29 29 72 65 74 75 72 6e 21 30 7d 72 65 74 75 72 6e 21 31 7d 66 75 6e 63 74 69 6f 6e 20 48 28 65 29 7b 72 65 74 75 72 6e 20 52 2e 75 69 6e 74 38 54 6f 42 61 73 65 36 34 28 4c 2e 63 72 65 61 74 65 28 29 2e 75 70 64 61 74 65 28 65 29 2e 64 69 67 65 73 74 28 29 29 7d 66 75 6e 63 74 69 6f 6e 20 6a 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 73 74 61 67 69 6e 67 41 67 65 6e 74 55 72 6c 26 26 65 5b 6b 5d 7d 66 75 6e 63 74 69 6f 6e 20 57 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 65 2e 73 74 61 67 69 6e 67 41 67 65 6e 74 55 72 6c 26 26 65 2e 73 74 61 67 69 6e 67 53 65 72 76 65 72 73 7d 76 61 72 20 4b 3d 5b 22 69 6e 69 74 69 61 6c Data Ascii: 1000$"):s)instanceof RegExp&&s.test(t.host))return!0}return!1}function H(e){return R.uint8ToBase64(L.create().update(e).digest())}function j(e){return e&&e.stagingAgentUrl&&e[k]}function W(e){return e&&e.stagingAgentUrl&&e.stagingServers}var K=["initial
2024-10-14 03:48:18 UTC	1390	IN	Data Raw: 21 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3b 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2e 73 65 6c 66 3d 3d 3d 73 65 6c 66 26 26 73 65 6c 66 7c 7c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 42 74 26 26 42 74 2e 67 6c 6f 62 61 6c 3d 3d 3d 42 74 26 26 42 74 7c 7c 46 75 6e 63 74 69 6f 6e 28 22 72 65 74 75 72 6e 20 74 68 69 73 22 29 28 29 7c 7c 7b 7d 2c 69 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2c 46 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2c 44 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 3f 53 79 6d 62 6f 6c 2e 70 72 6f 74 6f 74 79 70 65 3a 6e 75 6c 6c 2c 47 3d 69 2e 70 75 73 68 2c 75 3d 69 Data Ascii: !function(){var e;e=function(){var e="object"==typeof self&&self.self===self&&self\|\|"object"==typeof Bt&&Bt.global===Bt&&Bt\|\|Function("return this")()\|\|{},i=Array.prototype,F=Object.prototype,D="undefined"!=typeof Symbol?Symbol.prototype:null,G=i.push,u=i
2024-10-14 03:48:18 UTC	1324	IN	Data Raw: 2e 64 6f 63 75 6d 65 6e 74 26 26 65 2e 64 6f 63 75 6d 65 6e 74 2e 63 68 69 6c 64 4e 6f 64 65 73 2c 66 3d 61 3d 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 2f 2e 2f 26 26 22 6f 62 6a 65 63 74 22 21 3d 74 79 70 65 6f 66 20 49 6e 74 38 41 72 72 61 79 26 26 22 66 75 6e 63 74 69 6f 6e 22 21 3d 74 79 70 65 6f 66 20 65 3f 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 7c 7c 21 31 7d 3a 61 2c 65 3d 72 28 22 4f 62 6a 65 63 74 22 29 2c 72 65 3d 6e 26 26 65 28 6e 65 77 20 44 61 74 61 56 69 65 77 28 6e 65 77 20 41 72 72 61 79 42 75 66 66 65 72 28 38 29 29 29 2c 61 3d 22 75 6e 64 65 66 69 6e 65 64 22 21 3d 74 79 70 65 6f 66 20 4d 61 70 26 26 65 28 6e 65 77 20 4d 61 70 29 2c 6e 3d 72 28 22 44 Data Ascii: .document&&e.document.childNodes,f=a="function"!=typeof/./&&"object"!=typeof Int8Array&&"function"!=typeof e?function(e){return"function"==typeof e\|\|!1}:a,e=r("Object"),re=n&&e(new DataView(new ArrayBuffer(8))),a="undefined"!=typeof Map&&e(new Map),n=r("D

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:18 UTC	588	OUT	GET /sf/v3/Accounts/Branding HTTP/1.1 Host: totalcanterbury0.sf-api.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: application/json, text/plain, / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://totalcanterbury0.sharefile.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:18 UTC	1692	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:18 GMT Content-Type: application/json; charset=utf-8 Content-Length: 2829 Connection: close Set-Cookie: AWSALBTG=y3mFLykAQyD3C3PQ6WWnmMS4ECeIzsdOjjRLYcY+XacKIzBjnMSKhC4UEWpWumbwN2mY7KyNfKxnsnPm1ysF3o3xl8EOUkNXUBM/ZCSTbRK5zhf7WrS3wZ8n3Kcfx8k0qYnJnmbrKvWVUf1llzwsG1zwrCWEYa3vfCFeANqbd74S; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBTGCORS=y3mFLykAQyD3C3PQ6WWnmMS4ECeIzsdOjjRLYcY+XacKIzBjnMSKhC4UEWpWumbwN2mY7KyNfKxnsnPm1ysF3o3xl8EOUkNXUBM/ZCSTbRK5zhf7WrS3wZ8n3Kcfx8k0qYnJnmbrKvWVUf1llzwsG1zwrCWEYa3vfCFeANqbd74S; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=d807JVFt9An8+dxzpJiQx2DOFRrO6t7qkXxA64ty4Yf1xGqsBabgHmOW4ax8fToXqDHZ/SBj0E+j32eeRILGlpRCR8iX2l+TAFS9PAm5pcx0e76MkDZjuPvWYTPH; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/ Set-Cookie: AWSALBCORS=d807JVFt9An8+dxzpJiQx2DOFRrO6t7qkXxA64ty4Yf1xGqsBabgHmOW4ax8fToXqDHZ/SBj0E+j32eeRILGlpRCR8iX2l+TAFS9PAm5pcx0e76MkDZjuPvWYTPH; Expires=Mon, 21 Oct 2024 03:48:18 GMT; Path=/; SameSite=None; Secure Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Access-Control-Expose-Headers: Authorization Cache-Control: no-store, no-cache Content-Language: en Expires: Sun, 13 Oct 2024 03:48:18 GMT Vary: Origin Citrix-TransactionId: 52ba0b84-aea4-4da7-82b2-a92cba039d41 CorrelationId: pR7krVMYLE-egu76EErKSA X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: DENY X-Robots-Tag: noindex X-SFAPI-AccountId: afad6241-3adc-5bd5-543c-575a98f97490 X-SFAPI-OAuthClientId: X-SFAPI-AppCode: _None X-SFAPI-RequestID: 2t0ifBfIzEWY3Bpdf521-g
2024-10-14 03:48:18 UTC	2829	IN	Data Raw: 7b 22 43 6f 6d 70 61 6e 79 4e 61 6d 65 22 3a 22 61 6d 61 61 61 22 2c 22 55 73 65 41 64 76 61 6e 63 65 64 43 75 73 74 6f 6d 42 72 61 6e 64 69 6e 67 22 3a 66 61 6c 73 65 2c 22 41 64 76 61 6e 63 65 64 43 75 73 74 6f 6d 42 72 61 6e 64 69 6e 67 46 6f 6c 64 65 72 4e 61 6d 65 22 3a 22 22 2c 22 42 72 61 6e 64 69 6e 67 53 74 79 6c 65 73 22 3a 7b 7d 2c 22 42 72 61 6e 64 69 6e 67 4c 69 6e 6b 73 22 3a 7b 22 6f 64 61 74 61 2e 74 79 70 65 22 3a 22 53 68 61 72 65 46 69 6c 65 2e 41 70 69 2e 4d 6f 64 65 6c 73 2e 42 72 61 6e 64 69 6e 67 4c 69 6e 6b 73 22 7d 2c 22 4c 6f 67 6f 55 52 4c 22 3a 22 22 2c 22 50 72 65 66 65 72 65 6e 63 65 73 22 3a 7b 22 45 6e 61 62 6c 65 43 6c 69 65 6e 74 53 65 6e 64 22 3a 66 61 6c 73 65 2c 22 45 6e 61 62 6c 65 53 53 4f 22 3a 74 72 75 65 2c 22 53 Data Ascii: {"CompanyName":"amaaa","UseAdvancedCustomBranding":false,"AdvancedCustomBrandingFolderName":"","BrandingStyles":{},"BrandingLinks":{"odata.type":"ShareFile.Api.Models.BrandingLinks"},"LogoURL":"","Preferences":{"EnableClientSend":false,"EnableSSO":true,"S

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:18 UTC	651	OUT	POST /0093b71e39a6/478ed03bbf12/verify HTTP/1.1 Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com Connection: keep-alive Content-Length: 8687 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain;charset=UTF-8 Accept: / Origin: https://totalcanterbury0.sharefile.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:18 UTC	8687	OUT	Data Raw: 7b 22 63 68 61 6c 6c 65 6e 67 65 22 3a 7b 22 69 6e 70 75 74 22 3a 22 65 79 4a 32 5a 58 4a 7a 61 57 39 75 49 6a 6f 78 4c 43 4a 31 59 6d 6c 6b 49 6a 6f 69 4d 6d 45 77 4d 6d 59 79 4d 47 4d 74 59 57 55 34 59 79 30 30 4e 6a 5a 68 4c 57 4a 6a 4e 6a 49 74 5a 6a 4d 32 4e 7a 41 79 4e 54 55 35 4e 7a 63 30 49 69 77 69 59 58 52 30 5a 57 31 77 64 46 39 70 5a 43 49 36 49 6d 59 78 5a 57 55 32 4d 57 59 35 4c 54 45 31 4d 54 63 74 4e 44 51 30 4f 53 31 68 4e 32 4a 6b 4c 54 4d 79 5a 57 46 6b 4f 57 4d 7a 4f 54 55 7a 5a 43 49 73 49 6d 4e 79 5a 57 46 30 5a 56 39 30 61 57 31 6c 49 6a 6f 69 4d 6a 41 79 4e 43 30 78 4d 43 30 78 4e 46 51 77 4d 7a 6f 30 4f 44 6f 78 4e 43 34 33 4f 44 41 78 4d 6a 59 79 4d 6a 5a 61 49 69 77 69 5a 47 6c 6d 5a 6d 6c 6a 64 57 78 30 65 53 49 36 4f 43 77 69 Data Ascii: {"challenge":{"input":"eyJ2ZXJzaW9uIjoxLCJ1YmlkIjoiMmEwMmYyMGMtYWU4Yy00NjZhLWJjNjItZjM2NzAyNTU5Nzc0IiwiYXR0ZW1wdF9pZCI6ImYxZWU2MWY5LTE1MTctNDQ0OS1hN2JkLTMyZWFkOWMzOTUzZCIsImNyZWF0ZV90aW1lIjoiMjAyNC0xMC0xNFQwMzo0ODoxNC43ODAxMjYyMjZaIiwiZGlmZmljdWx0eSI6OCwi
2024-10-14 03:48:19 UTC	615	IN	HTTP/1.1 200 OK Content-Type: application/json Content-Length: 296 Connection: close Date: Mon, 14 Oct 2024 03:48:19 GMT access-control-max-age: 86400 access-control-allow-origin: * access-control-allow-methods: OPTIONS,GET,POST cache-control: no-cache, no-store, must-revalidate pragma: no-cache expires: 0 x-amzn-waf-challenge-id: Root=1-670c9483-58f40c686a575e5a6cfa52ce X-Cache: Miss from cloudfront Via: 1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: jCoE0EDa1yIuIcuSsCrAPmylyZJT3YXbi1H8P6M9JgLDNf73R-JgHg==
2024-10-14 03:48:19 UTC	296	IN	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 22 34 61 64 66 64 32 33 33 2d 39 36 31 62 2d 34 38 66 64 2d 39 64 30 38 2d 31 63 66 35 62 38 31 31 35 65 39 35 3a 45 51 6f 41 71 5a 45 61 62 50 77 55 41 41 41 41 3a 5a 53 52 56 50 4a 72 63 5a 4f 69 7a 4a 49 71 6b 68 63 44 68 4b 77 51 58 6c 38 49 4b 7a 6c 63 32 72 50 6b 43 6c 79 44 2b 4f 36 34 64 6b 48 50 73 65 44 32 50 2b 47 76 2f 71 4b 79 63 31 43 65 4a 65 62 62 72 48 77 4e 35 4f 4d 5a 50 62 52 34 54 56 72 6a 39 39 6b 33 53 37 69 7a 53 4d 35 74 43 62 55 61 7a 70 30 42 68 57 53 65 6f 6d 69 45 4f 7a 69 53 4d 6c 56 46 5a 50 47 70 72 6e 52 72 35 49 61 44 57 37 73 32 51 4f 71 47 72 63 42 34 6f 50 32 4e 54 39 57 6c 71 54 66 53 75 78 37 79 47 30 68 50 55 44 34 56 34 43 4c 54 58 4c 6b 39 42 72 4f 42 6e 67 4b 58 6b 43 31 63 6d 52 70 64 Data Ascii: {"token":"4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAqZEabPwUAAAA:ZSRVPJrcZOizJIqkhcDhKwQXl8IKzlc2rPkClyD+O64dkHPseD2P+Gv/qKyc1CeJebbrHwN5OMZPbR4TVrj99k3S7izSM5tCbUazp0BhWSeomiEOziSMlVFZPGprnRr5IaDW7s2QOqGrcB4oP2NT9WlqTfSux7yG0hPUD4V4CLTXLk9BrOBngKXkC1cmRpd

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Persistence and Installation Behavior

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Language, Device and Operating System Detection

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\AppData\Local\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\3B28D87C-1702-4267-8E30-2F7FAA6BA453

C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxAccountsAlwaysOnLog.etl

C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\HxmAlwaysOnLog.etl

C:\Users\user\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Settings\settings.dat

Chrome Cache Entry: 145

Chrome Cache Entry: 146

Chrome Cache Entry: 147

Chrome Cache Entry: 148

Chrome Cache Entry: 149

Chrome Cache Entry: 150

Chrome Cache Entry: 151

Chrome Cache Entry: 152

Chrome Cache Entry: 153

Chrome Cache Entry: 154

Chrome Cache Entry: 155

Chrome Cache Entry: 156

Chrome Cache Entry: 157

Chrome Cache Entry: 158

Chrome Cache Entry: 159

Chrome Cache Entry: 160

Chrome Cache Entry: 161

Chrome Cache Entry: 162

Chrome Cache Entry: 163

Windows Analysis Report
https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:19 UTC	1515	OUT	GET /bundles/af15e31c70fab7cfd55c.woff2 HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://totalcanterbury0.sharefile.com/public/share/web-034ada86e7d04d74 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
2024-10-14 03:48:19 UTC	1418	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:19 GMT Content-Type: font/woff2 Content-Length: 36944 Connection: close Set-Cookie: AWSALBTG=Z2YattWy2TgaK2a1KWGibStYD4Df661ZHBLgBu/FpmeNvknZGmkq8d6m2EBHvo40sAcz0eDdKYxblWSxOBdu4BQVCJBw3AwDQ/XNb51l0n7qioZwXJqUlINFZvzmQdo0Z/CDn6HL2nzTm297QgavDuLvF/4EAor2DXnWdOYFEUUY; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/ Set-Cookie: AWSALBTGCORS=Z2YattWy2TgaK2a1KWGibStYD4Df661ZHBLgBu/FpmeNvknZGmkq8d6m2EBHvo40sAcz0eDdKYxblWSxOBdu4BQVCJBw3AwDQ/XNb51l0n7qioZwXJqUlINFZvzmQdo0Z/CDn6HL2nzTm297QgavDuLvF/4EAor2DXnWdOYFEUUY; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=fTbDPhhQfKjp9NJZQrSUa2Sdw1xpKhbkwHPM1ylpzD4aEXhThXJwnOe4g3MyO0QtySNalV87LDDeMeAKd+rlneQBWDA+LPffZilblKWKG7if0HrhTXIsKMr/85+x; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/ Set-Cookie: AWSALBCORS=fTbDPhhQfKjp9NJZQrSUa2Sdw1xpKhbkwHPM1ylpzD4aEXhThXJwnOe4g3MyO0QtySNalV87LDDeMeAKd+rlneQBWDA+LPffZilblKWKG7if0HrhTXIsKMr/85+x; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773a8cb750" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:19 UTC	8472	IN	Data Raw: 77 4f 46 32 00 01 00 00 00 00 90 50 00 11 00 00 00 01 8d e8 00 00 8f eb 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 81 02 1b f5 78 1c a2 5c 06 60 00 ab 44 08 60 09 9c 15 11 08 0a 83 e8 00 83 aa 08 01 36 02 24 03 92 54 0b 89 2c 00 04 20 05 89 56 07 a6 3b 0c 81 3d 5b 1a 69 91 00 3a 87 1d 53 08 6a 8c bf 6e 43 80 85 9a da b5 cf 3f e0 11 72 dd af 1a e5 a0 f3 c4 0b 3c 69 43 2c 11 8f ed 22 74 27 5a 64 2d da bb ad ec ff ff ff ff fc 64 12 c7 6e 7b 6e db 3f 04 a2 24 aa 74 d2 3c 84 23 27 84 ce f4 92 d2 b4 32 b2 d6 11 8d 20 fb c0 2d a4 09 1b 72 94 2c 72 09 8c 21 bc 20 e0 72 72 9f c3 1c 94 b6 74 e4 0d 77 1a b8 e6 1e 65 cb ab 9b b4 07 b5 02 eb 9e 72 8b f4 5d bc e4 03 cb 32 29 34 cd a9 1d 54 dd 4c 7b bb a9 27 95 22 4e 5e 28 e2 68 ee 66 20 Data Ascii: wOF2Px\`D`6$T, V;=[i:SjnC?r<iC,"t'Zd-dn{n?$t<#'2 -r,r! rrtwer]2)4TL{'"N^(hf
2024-10-14 03:48:19 UTC	16384	IN	Data Raw: 09 60 b0 ff 0d 55 71 8a d2 79 a0 83 da 0f e2 24 ca e5 ee da d8 be 3b ee ba e7 81 fb ef bc fb de 9b 2e fe d5 55 63 6b cc 01 ac ed 26 ba 49 17 60 f1 da ae 8f 57 80 ca 8f 53 01 55 0e 82 f4 03 55 91 d9 c0 eb ca 50 9f 3d 20 8b 81 0f b2 0b f8 22 a7 81 df 1f 64 0e d0 01 3d 64 04 f0 0f c8 10 10 80 2c 07 81 48 2f 60 40 26 80 20 a4 27 08 fe a7 0c 03 21 20 06 e2 0e 62 41 1c a4 37 88 0f c8 3a 90 80 ac 06 89 c8 5a 90 84 0c 00 c9 69 ee e4 14 48 d9 0f d6 7f 50 03 58 83 9a e0 08 6a 45 57 50 1b d4 d1 45 75 41 07 ea e5 fe a0 3e 68 00 c2 40 c3 70 8f 04 8d 40 e3 9a 27 4d a0 3a 68 1a 1b 81 66 a0 f9 bc 5a b0 6d 49 5b 90 fa bc 13 68 05 5a 83 81 20 0d b4 01 c3 97 38 75 2c 68 d7 c8 18 d0 be 91 e1 a0 43 23 63 41 c7 29 5b ee 39 68 64 32 e8 dc 49 16 e8 92 4f 04 5d 41 37 b0 1c 74 0f Data Ascii: `Uqy$;.Uck&I`WSUUP= "d=d,H/`@& '! bA7:ZiHPXjEWPEuA>h@p@'M:hfZmI[hZ 8u,hC#cA)[9hd2IO]A7t
2024-10-14 03:48:19 UTC	9426	IN	Data Raw: e4 f4 22 ba 8c e6 49 5b 5d 31 a4 9a 11 a7 60 2b 5b 47 3c 8c 95 b0 06 52 06 1b cc e6 c3 ff 15 c7 7f 70 d2 7c 9f c6 64 98 78 3f 9d ae 8d db a6 75 c7 be 65 7e cd 27 0e 6f 5d 33 d7 b8 f9 72 4f 68 e0 3e c1 8a ed d8 51 43 e8 09 af f1 54 3f 77 96 f9 36 7f eb 8e 63 aa 68 f9 8a 2b da ba ba d8 8e b1 9f 96 7e 61 8b e3 e3 18 a6 b4 8e 15 d0 13 d2 2b 59 a6 71 f4 89 ad 59 11 b8 4c 4f 53 e6 a4 03 db a8 36 e9 b3 a5 e6 37 9e bb 75 ab 25 d2 c4 1e 3a 65 d4 c8 5e 96 37 03 7e 83 19 0e 00 8e 2b 39 1e 2c 3c 75 a0 8f 86 76 3c 3d d0 85 80 c1 ed 6b c8 a7 59 02 68 07 16 d1 5b f7 93 6d 8e af be 6f be c6 b3 73 ee 89 0a e1 ba 6c 85 9c 8b 27 e2 5b 12 54 f2 eb 75 69 4f b3 4c 5a 66 88 c0 00 40 d7 81 8f 33 b8 84 46 d4 b1 2d a1 59 6f c1 e1 d5 7c a4 a2 44 2d 63 99 92 78 60 13 3e fb 0e 0a b5 Data Ascii: "I[]1`+[G<Rp\|dx?ue~'o]3rOh>QCT?w6ch+~a+YqYLOS67u%:e^7~+9,<uv<=kYh[mosl'[TuiOLZf@3F-Yo\|D-cx`>
2024-10-14 03:48:19 UTC	2662	IN	Data Raw: c4 ba 46 29 4b bc 72 e9 78 7c 7d a7 45 4e a2 6f 35 fa 38 3b 9f 68 27 b8 c5 44 74 05 44 ea ba 2e 16 4e bc a5 e2 fb 5d 84 69 86 2c e6 10 69 18 93 d0 49 65 66 fd a2 16 9d c7 e4 aa 32 ad aa 0e 55 e4 44 88 e8 bd 90 e1 ff 90 28 94 6b d4 3d 2e 7c 3a 54 0f 19 44 8f 3e 83 4c 46 a2 6b af 90 b9 29 a2 ff 69 72 ad fa 2c a8 2a cd 20 66 76 aa b5 a4 82 76 fd 82 e6 6f 51 8b 22 ff 11 f1 ce 47 7b 77 ad fb 8e 09 39 ba 6e 38 6a 34 b7 c1 04 a2 5b 13 d5 98 23 62 27 9b 61 74 da af bd 9a 0f 45 d8 6c e7 50 b5 a0 62 bd 4a 4c 1f 33 41 04 04 77 29 3a ac 7d ae 08 4c aa f6 6c a5 51 a3 e0 ad b1 05 f0 f5 53 e3 6b 5f d0 78 49 65 e7 b0 b4 7c 6e 83 f1 1d c6 ed 0e 36 a5 0e 0b 17 8d d9 61 45 2f 0e b0 60 24 87 58 32 8d e3 71 b4 84 13 08 b1 83 93 70 f5 22 3f 19 07 9f a8 10 b5 29 78 4d a8 06 c1 Data Ascii: F)Krx\|}ENo58;h'DtD.N]i,iIef2UD(k=.\|:TD>LFk)ir,* fvvoQ"G{w9n8j4[#b'atElPbJL3Aw):}LlQSk_xIe\|n6aE/`$X2qp"?)xM

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:19 UTC	1245	OUT	GET /bundles/7ba6967109e88a8ecd8d.js HTTP/1.1 Host: totalcanterbury0.sharefile.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: .AspNetCore.Session=CfDJ8OCkC%2F7n4glIrxyAxDPzfZtF%2Fr1q0C9lA5Zzkpw4TX46Q1DDHrzCPcfNGmlu5qJhC%2Bt6N%2BsBSY%2FmkVNsbJLHgCTXiE%2Ff70xQaSpoDHIpldWdqXncTmqY2Sz3sAfLhvBH51LbrG4CF3cTL8RusB5FtfPL7wA8pB3GnbIuEwT%2BESgp; AWSALBTG=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALBTGCORS=pdjPtWb0fqK0oYtphHI0aY9HOtEOUV3ncZcoKm/kMZ3OwdciIQtVRZMGyZqNHZdkvMdqYB8Ne8nLd897OcrF6Uigv7iuB/C6fBGyE8C51dqSSWuyxXVhHi0JJ1rztEE9RFo3hAhXMe5q/vJzBoMyAfDjIpn3Csm/lJIuzUBGVwDx; AWSALB=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O; AWSALBCORS=c3e5bq1rxa2++iLYoFTvejwaYfW0jr2/SkwUo8wsLYAMJ97C/LPWKkayg3hUcKiV5LeSg8OorZs8CZ+SNHeTds3OmvuSMw8eA/aoM2g4u8tIlzIhjC2YYcxkpe+O
2024-10-14 03:48:19 UTC	1429	IN	HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 03:48:19 GMT Content-Type: application/javascript Content-Length: 5339 Connection: close Set-Cookie: AWSALBTG=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/ Set-Cookie: AWSALBTGCORS=VWtzZV2r86Up9mrf6SjeLQneEwQHBFDMY3ewWzlwoZyl6G131dXrx8yMddNtX+EpEdyWnFIMOYfWsPI7D174vWvj67gN0zvB+/yFUtCCjjDiaB04xYjm8juJ4T8RArLZleIcaWg6bS28Ap3nch47FXGd3YwLCORyfOlMB01DJ9CK; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/; SameSite=None; Secure Set-Cookie: AWSALB=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/ Set-Cookie: AWSALBCORS=HpAIPXrmmIyJF0NaqDNZ6aEBiWLRnmtcB8xO4Huy8IkPY1qyobbxjcwX8ZOxBqBtY+VZjq1FlscpDxtdrm3UzMkrsw6qTvuezX0ijKoLOnTJ25x0XtYTBGO99oCx; Expires=Mon, 21 Oct 2024 03:48:19 GMT; Path=/; SameSite=None; Secure Accept-Ranges: bytes Cache-Control: no-store, must-revalidate, no-cache, private Content-Language: en ETag: "1db18773a8c33db" Expires: 0 Last-Modified: Mon, 07 Oct 2024 05:10:30 GMT Pragma: no-cache Referrer-Policy: same-origin Strict-Transport-Security: max-age=16000000;includeSubDomains;preload X-Content-Type-Options: nosniff X-XSS-Protection: 1;mode=block
2024-10-14 03:48:19 UTC	5339	IN	Data Raw: 28 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 73 68 61 72 65 66 69 6c 65 64 65 76 5f 73 68 61 72 65 66 69 6c 65 5f 61 70 70 73 68 65 6c 6c 3d 73 65 6c 66 2e 77 65 62 70 61 63 6b 43 68 75 6e 6b 5f 73 68 61 72 65 66 69 6c 65 64 65 76 5f 73 68 61 72 65 66 69 6c 65 5f 61 70 70 73 68 65 6c 6c 7c 7c 5b 5d 29 2e 70 75 73 68 28 5b 5b 31 38 36 33 5d 2c 7b 36 36 35 33 33 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 2c 6f 29 7b 76 61 72 20 65 3d 6f 28 38 30 38 31 29 2c 66 3d 6f 28 32 33 36 34 35 29 2c 72 3d 6f 28 36 31 36 36 37 29 2c 69 3d 6f 28 34 34 35 35 30 29 2c 61 3d 6f 28 31 37 39 37 29 2c 73 3d 6f 28 38 35 34 39 33 29 2c 63 3d 6f 28 36 36 34 30 36 29 2c 6c 3d 6f 28 32 36 30 38 32 29 2c 70 3d 6f 28 34 34 30 39 33 29 2c 75 3d 6f 28 33 35 37 31 35 29 2c 64 Data Ascii: (self.webpackChunk_sharefiledev_sharefile_appshell=self.webpackChunk_sharefiledev_sharefile_appshell\|\|[]).push([[1863],{66533:function(n,t,o){var e=o(8081),f=o(23645),r=o(61667),i=o(44550),a=o(1797),s=o(85493),c=o(66406),l=o(26082),p=o(44093),u=o(35715),d

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	610	OUT	GET /sharefile-web/sharefiledev-conversations-pilet/1.94.6/package/dist/index.js HTTP/1.1 Host: piletfeed-cdn.sharefile.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	612	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Length: 77283 Connection: close Last-Modified: Mon, 16 Sep 2024 18:27:33 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 14 Oct 2024 03:48:21 GMT ETag: "c555335753018971124dabd9753f7ab0" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA2-C1 X-Amz-Cf-Id: 2JvzB7FjNJey37IGXxW7Zduq30oZOyIMx0nfoG2sWZBCOaV0cUMKuw== Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Vary: Origin
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 2f 2f 40 70 69 6c 65 74 20 76 3a 32 28 77 65 62 70 61 63 6b 43 68 75 6e 6b 70 72 5f 73 68 61 72 65 66 69 6c 65 64 65 76 63 6f 6e 76 65 72 73 61 74 69 6f 6e 73 70 69 6c 65 74 2c 7b 7d 29 0a 53 79 73 74 65 6d 2e 72 65 67 69 73 74 65 72 28 5b 22 40 63 69 74 72 69 74 65 2f 73 66 2d 61 70 69 22 2c 22 40 73 68 61 72 65 66 69 6c 65 64 65 76 2f 61 6e 74 64 2d 63 6f 6e 66 69 67 22 2c 22 61 6e 74 64 22 2c 22 72 65 61 63 74 22 2c 22 72 65 61 63 74 2d 64 6f 6d 22 2c 22 72 65 61 63 74 2d 72 6f 75 74 65 72 22 2c 22 72 65 61 63 74 2d 72 6f 75 74 65 72 2d 64 6f 6d 22 2c 22 74 73 6c 69 62 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 6e 3d 7b 7d 2c 72 3d 7b 7d 2c 69 3d 7b 7d 2c 73 3d 7b 7d 2c 61 3d 7b 7d 2c 6f 3d 7b 7d 2c 75 3d 7b 7d 2c 63 3d 7b 7d 3b Data Ascii: //@pilet v:2(webpackChunkpr_sharefiledevconversationspilet,{})System.register(["@citrite/sf-api","@sharefiledev/antd-config","antd","react","react-dom","react-router","react-router-dom","tslib"],(function(t,e){var n={},r={},i={},s={},a={},o={},u={},c={};
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 3b 28 30 2c 69 2e 41 29 28 74 68 69 73 2c 74 29 2c 74 68 69 73 2e 65 6e 74 69 74 79 54 79 70 65 3d 65 2c 74 68 69 73 2e 65 6e 74 69 74 79 49 64 3d 6e 2c 74 68 69 73 2e 70 61 72 65 6e 74 52 65 73 6f 75 72 63 65 49 64 3d 72 7d 72 65 74 75 72 6e 28 30 2c 73 2e 41 29 28 74 2c 5b 7b 6b 65 79 3a 22 74 6f 53 74 72 69 6e 67 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 68 69 73 2e 70 61 72 65 6e 74 52 65 73 6f 75 72 63 65 49 64 3d 3d 3d 74 2e 50 72 6f 74 6f 63 6f 6c 3f 22 22 3a 22 2f 22 3b 72 65 74 75 72 6e 20 6e 65 77 20 55 52 4c 28 22 22 2e 63 6f 6e 63 61 74 28 74 68 69 73 2e 70 61 72 65 6e 74 52 65 73 6f 75 72 63 65 49 64 29 2e 63 6f 6e 63 61 74 28 65 29 2e 63 6f 6e 63 61 74 28 74 68 69 73 2e 65 6e 74 69 74 79 54 79 70 65 2c 22 Data Ascii: ;(0,i.A)(this,t),this.entityType=e,this.entityId=n,this.parentResourceId=r}return(0,s.A)(t,[{key:"toString",value:function(){var e=this.parentResourceId===t.Protocol?"":"/";return new URL("".concat(this.parentResourceId).concat(e).concat(this.entityType,"
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 2b 29 72 5b 6e 5d 3d 74 5b 6e 5d 3b 72 65 74 75 72 6e 20 72 7d 6e 2e 64 28 65 2c 7b 41 3a 28 29 3d 3e 72 7d 29 7d 2c 36 33 36 39 3a 28 74 2c 65 2c 6e 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 28 74 29 7b 69 66 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 29 29 72 65 74 75 72 6e 20 74 7d 6e 2e 64 28 65 2c 7b 41 3a 28 29 3d 3e 72 7d 29 7d 2c 33 30 32 39 3a 28 74 2c 65 2c 6e 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 66 75 6e 63 74 69 6f 6e 20 72 28 74 2c 65 29 7b 69 66 28 21 28 74 20 69 6e 73 74 61 6e 63 65 6f 66 20 65 29 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 63 61 6c 6c 20 61 20 63 6c 61 73 73 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 7d 6e 2e 64 28 65 Data Ascii: +)r[n]=t[n];return r}n.d(e,{A:()=>r})},6369:(t,e,n)=>{"use strict";function r(t){if(Array.isArray(t))return t}n.d(e,{A:()=>r})},3029:(t,e,n)=>{"use strict";function r(t,e){if(!(t instanceof e))throw new TypeError("Cannot call a class as a function")}n.d(e
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 67 6e 61 6c 43 6f 6e 73 75 6d 65 64 3d 21 31 2c 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 71 75 65 72 79 46 6e 28 61 29 29 3a 50 72 6f 6d 69 73 65 2e 72 65 6a 65 63 74 28 22 4d 69 73 73 69 6e 67 20 71 75 65 72 79 46 6e 20 66 6f 72 20 71 75 65 72 79 4b 65 79 20 27 22 2b 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 71 75 65 72 79 48 61 73 68 2b 22 27 22 29 7d 3b 76 61 72 20 64 3b 28 75 28 63 29 2c 6e 75 6c 6c 3d 3d 28 6e 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 62 65 68 61 76 69 6f 72 29 7c 7c 6e 2e 6f 6e 46 65 74 63 68 28 63 29 2c 74 68 69 73 2e 72 65 76 65 72 74 53 74 61 74 65 3d 74 68 69 73 2e 73 74 61 74 65 2c 22 69 64 6c 65 22 3d 3d 3d 74 68 69 73 2e 73 74 61 74 65 2e 66 65 74 63 68 53 74 61 74 75 73 7c 7c 74 68 69 73 2e 73 74 61 74 65 2e 66 65 74 63 68 4d 65 Data Ascii: gnalConsumed=!1,this.options.queryFn(a)):Promise.reject("Missing queryFn for queryKey '"+this.options.queryHash+"'")};var d;(u(c),null==(n=this.options.behavior)\|\|n.onFetch(c),this.revertState=this.state,"idle"===this.state.fetchStatus\|\|this.state.fetchMe
2024-10-14 03:48:20 UTC	11747	IN	Data Raw: 45 6c 65 6d 65 6e 74 28 65 5b 22 64 65 66 61 75 6c 74 22 5d 2e 53 75 73 70 65 6e 73 65 2c 7b 66 61 6c 6c 62 61 63 6b 3a 65 5b 22 64 65 66 61 75 6c 74 22 5d 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 52 2e 53 70 69 6e 2c 7b 73 74 79 6c 65 3a 7b 70 61 64 64 69 6e 67 42 6f 74 74 6f 6d 3a 49 2e 73 69 7a 65 73 2e 58 53 2c 70 61 64 64 69 6e 67 52 69 67 68 74 3a 49 2e 73 69 7a 65 73 2e 4d 44 7d 7d 29 7d 2c 65 5b 22 64 65 66 61 75 6c 74 22 5d 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 6a 2c 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 28 7b 7d 2c 74 29 29 29 7d 2c 24 3d 65 5b 22 64 65 66 61 75 6c 74 22 5d 2e 6c 61 7a 79 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 50 72 6f 6d 69 73 65 2e 61 6c 6c 28 5b 66 2e 65 28 37 30 34 29 2c 66 2e 65 28 39 37 37 Data Ascii: Element(e["default"].Suspense,{fallback:e["default"].createElement(R.Spin,{style:{paddingBottom:I.sizes.XS,paddingRight:I.sizes.MD}})},e["default"].createElement(j,Object.assign({},t)))},$=e["default"].lazy((function(){return Promise.all([f.e(704),f.e(977

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	612	OUT	GET /sharefile-web/sharefiledev-audit-collector-pilet/0.11.0/package/dist/index.js HTTP/1.1 Host: piletfeed-cdn.sharefile.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	607	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Length: 113304 Connection: close Date: Mon, 14 Oct 2024 03:48:21 GMT Last-Modified: Wed, 07 Aug 2024 19:21:56 GMT ETag: "530a7b55c7f2519e38f8b06fe7b2ab6d" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA2-C1 X-Amz-Cf-Id: WUrAibf5JXDKcXbxMFO1lHn2f5FNPzS0RHVEUtm-fVWrX3TjJl4B5g== Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Vary: Origin
2024-10-14 03:48:20 UTC	8949	IN	Data Raw: 2f 2f 40 70 69 6c 65 74 20 76 3a 32 28 77 65 62 70 61 63 6b 43 68 75 6e 6b 70 72 5f 73 68 61 72 65 66 69 6c 65 64 65 76 61 75 64 69 74 63 6f 6c 6c 65 63 74 6f 72 70 69 6c 65 74 2c 7b 7d 29 0a 53 79 73 74 65 6d 2e 72 65 67 69 73 74 65 72 28 5b 22 61 6e 74 64 22 2c 22 72 65 61 63 74 22 2c 22 74 73 6c 69 62 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 72 3d 7b 7d 2c 6e 3d 7b 7d 2c 6f 3d 7b 7d 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 6e 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 7b 73 65 74 74 65 72 73 3a 5b 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 2e 42 75 74 74 6f 6e 3d 65 2e 42 75 74 74 6f 6e 2c 72 2e 44 61 74 65 50 69 63 6b 65 72 3d 65 2e 44 61 74 65 50 Data Ascii: //@pilet v:2(webpackChunkpr_sharefiledevauditcollectorpilet,{})System.register(["antd","react","tslib"],(function(e,t){var r={},n={},o={};return Object.defineProperty(n,"__esModule",{value:!0}),{setters:[function(e){r.Button=e.Button,r.DatePicker=e.DateP
2024-10-14 03:48:21 UTC	6912	IN	Data Raw: 6c 29 7d 29 29 28 29 7d 29 29 7d 2c 47 65 74 52 65 70 6f 72 74 42 79 49 64 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 28 30 2c 6e 2e 5f 5f 61 77 61 69 74 65 72 29 28 74 68 69 73 2c 76 6f 69 64 20 30 2c 76 6f 69 64 20 30 2c 69 28 29 2e 6d 61 72 6b 28 28 66 75 6e 63 74 69 6f 6e 20 74 28 29 7b 76 61 72 20 72 2c 6e 3b 72 65 74 75 72 6e 20 69 28 29 2e 77 72 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 66 6f 72 28 3b 3b 29 73 77 69 74 63 68 28 74 2e 70 72 65 76 3d 74 2e 6e 65 78 74 29 7b 63 61 73 65 20 30 3a 72 65 74 75 72 6e 20 74 2e 6e 65 78 74 3d 32 2c 73 28 22 2f 72 65 70 6f 72 74 73 2f 22 2e 63 6f 6e 63 61 74 28 65 29 2c 7b 6d 65 74 68 6f 64 3a 22 47 45 54 22 2c 68 65 61 64 65 72 73 3a 7b 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 3a 22 61 Data Ascii: l)}))()}))},GetReportById:function(e){return(0,n.__awaiter)(this,void 0,void 0,i().mark((function t(){var r,n;return i().wrap((function(t){for(;;)switch(t.prev=t.next){case 0:return t.next=2,s("/reports/".concat(e),{method:"GET",headers:{"Content-Type":"a
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 2c 69 3d 30 3b 69 3c 6e 2e 6c 65 6e 67 74 68 3b 2b 2b 69 29 7b 69 66 28 21 6f 29 72 65 74 75 72 6e 3b 69 66 28 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 6f 5b 6e 5b 69 5d 5d 26 26 69 2b 31 3c 6e 2e 6c 65 6e 67 74 68 29 72 65 74 75 72 6e 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 6f 5b 6e 5b 69 5d 5d 29 7b 66 6f 72 28 76 61 72 20 61 3d 32 2c 73 3d 6e 2e 73 6c 69 63 65 28 69 2c 69 2b 61 29 2e 6a 6f 69 6e 28 72 29 2c 63 3d 6f 5b 73 5d 3b 76 6f 69 64 20 30 3d 3d 3d 63 26 26 6e 2e 6c 65 6e 67 74 68 3e 69 2b 61 3b 29 61 2b 2b 2c 63 3d 6f 5b 73 3d 6e 2e 73 6c 69 63 65 28 69 2c 69 2b 61 29 2e 6a 6f 69 6e 28 72 29 5d 3b 69 66 28 76 6f 69 64 20 30 3d 3d 3d 63 29 72 65 74 75 72 6e 3b 69 66 28 6e 75 6c 6c 3d 3d 3d 63 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 69 66 Data Ascii: ,i=0;i<n.length;++i){if(!o)return;if("string"==typeof o[n[i]]&&i+1<n.length)return;if(void 0===o[n[i]]){for(var a=2,s=n.slice(i,i+a).join(r),c=o[s];void 0===c&&n.length>i+a;)a++,c=o[s=n.slice(i,i+a).join(r)];if(void 0===c)return;if(null===c)return null;if
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 69 73 2e 67 65 74 53 63 72 69 70 74 50 61 72 74 46 72 6f 6d 43 6f 64 65 28 65 29 29 2c 22 63 75 72 72 65 6e 74 4f 6e 6c 79 22 21 3d 3d 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 6c 6f 61 64 26 26 69 28 74 68 69 73 2e 67 65 74 4c 61 6e 67 75 61 67 65 50 61 72 74 46 72 6f 6d 43 6f 64 65 28 65 29 29 29 3a 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 69 28 74 68 69 73 2e 66 6f 72 6d 61 74 4c 61 6e 67 75 61 67 65 43 6f 64 65 28 65 29 29 2c 6e 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 6f 2e 69 6e 64 65 78 4f 66 28 65 29 3c 30 26 26 69 28 72 2e 66 6f 72 6d 61 74 4c 61 6e 67 75 61 67 65 43 6f 64 65 28 65 29 29 7d 29 29 2c 6f 7d 7d 5d 29 2c 65 7d 28 29 2c 4a 3d 5b 7b 6c 6e 67 73 3a 5b 22 61 63 68 22 2c 22 61 6b 22 2c 22 61 6d 22 Data Ascii: is.getScriptPartFromCode(e)),"currentOnly"!==this.options.load&&i(this.getLanguagePartFromCode(e))):"string"==typeof e&&i(this.formatLanguageCode(e)),n.forEach((function(e){o.indexOf(e)<0&&i(r.formatLanguageCode(e))})),o}}]),e}(),J=[{lngs:["ach","ak","am"
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 7d 2c 7b 6c 6e 67 73 3a 5b 22 63 79 22 5d 2c 6e 72 3a 5b 31 2c 32 2c 33 2c 38 5d 2c 66 63 3a 38 7d 2c 7b 6c 6e 67 73 3a 5b 22 66 72 22 5d 2c 6e 72 3a 5b 31 2c 32 5d 2c 66 63 3a 39 7d 2c 7b 6c 6e 67 73 3a 5b 22 67 61 22 5d 2c 6e 72 3a 5b 31 2c 32 2c 33 2c 37 2c 31 31 5d 2c 66 63 3a 31 30 7d 2c 7b 6c 6e 67 73 3a 5b 22 67 64 22 5d 2c 6e 72 3a 5b 31 2c 32 2c 33 2c 32 30 5d 2c 66 63 3a 31 31 7d 2c 7b 6c 6e 67 73 3a 5b 22 69 73 22 5d 2c 6e 72 3a 5b 31 2c 32 5d 2c 66 63 3a 31 32 7d 2c 7b 6c 6e 67 73 3a 5b 22 6a 76 22 5d 2c 6e 72 3a 5b 30 2c 31 5d 2c 66 63 3a 31 33 7d 2c 7b 6c 6e 67 73 3a 5b 22 6b 77 22 5d 2c 6e 72 3a 5b 31 2c 32 2c 33 2c 34 5d 2c 66 63 3a 31 34 7d 2c 7b 6c 6e 67 73 3a 5b 22 6c 74 22 5d 2c 6e 72 3a 5b 31 2c 32 2c 31 30 5d 2c 66 63 3a 31 35 7d 2c Data Ascii: },{lngs:["cy"],nr:[1,2,3,8],fc:8},{lngs:["fr"],nr:[1,2],fc:9},{lngs:["ga"],nr:[1,2,3,7,11],fc:10},{lngs:["gd"],nr:[1,2,3,20],fc:11},{lngs:["is"],nr:[1,2],fc:12},{lngs:["jv"],nr:[0,1],fc:13},{lngs:["kw"],nr:[1,2,3,4],fc:14},{lngs:["lt"],nr:[1,2,10],fc:15},
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 2c 74 29 7b 76 61 72 20 72 3d 74 68 69 73 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 32 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 32 5d 3a 7b 7d 2c 6f 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 33 3f 61 72 67 75 6d 65 6e 74 73 5b 33 5d 3a 76 6f 69 64 20 30 3b 69 66 28 21 74 68 69 73 2e 62 61 63 6b 65 6e 64 29 72 65 74 75 72 6e 20 74 68 69 73 2e 6c 6f 67 67 65 72 2e 77 61 72 6e 28 22 4e 6f 20 62 61 63 6b 65 6e 64 20 77 61 73 20 61 64 64 65 64 20 76 69 61 20 69 31 38 6e 65 78 74 2e 75 73 65 2e 20 57 69 6c 6c 20 6e 6f 74 20 6c 6f 61 64 20 72 65 73 6f 75 72 63 65 73 2e 22 29 2c 6f 26 26 6f 28 29 3b 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 28 65 3d 74 68 Data Ascii: ,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{},o=arguments.length>3?arguments[3]:void 0;if(!this.backend)return this.logger.warn("No backend was added via i18next.use. Will not load resources."),o&&o();"string"==typeof e&&(e=th
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 63 74 69 6f 6e 28 65 2c 74 2c 72 2c 6e 2c 6f 29 7b 76 61 72 20 69 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 35 26 26 76 6f 69 64 20 30 21 3d 3d 61 72 67 75 6d 65 6e 74 73 5b 35 5d 3f 61 72 67 75 6d 65 6e 74 73 5b 35 5d 3a 7b 7d 3b 74 68 69 73 2e 73 65 72 76 69 63 65 73 2e 75 74 69 6c 73 26 26 74 68 69 73 2e 73 65 72 76 69 63 65 73 2e 75 74 69 6c 73 2e 68 61 73 4c 6f 61 64 65 64 4e 61 6d 65 73 70 61 63 65 26 26 21 74 68 69 73 2e 73 65 72 76 69 63 65 73 2e 75 74 69 6c 73 2e 68 61 73 4c 6f 61 64 65 64 4e 61 6d 65 73 70 61 63 65 28 74 29 3f 74 68 69 73 2e 6c 6f 67 67 65 72 2e 77 61 72 6e 28 27 64 69 64 20 6e 6f 74 20 73 61 76 65 20 6b 65 79 20 22 27 2e 63 6f 6e 63 61 74 28 72 2c 27 22 20 61 73 20 74 68 65 20 6e 61 6d 65 73 70 61 63 65 20 22 27 29 Data Ascii: ction(e,t,r,n,o){var i=arguments.length>5&&void 0!==arguments[5]?arguments[5]:{};this.services.utils&&this.services.utils.hasLoadedNamespace&&!this.services.utils.hasLoadedNamespace(t)?this.logger.warn('did not save key "'.concat(r,'" as the namespace "')
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 6e 63 74 69 6f 6e 20 65 28 29 7b 21 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 21 28 65 20 69 6e 73 74 61 6e 63 65 6f 66 20 74 29 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 43 61 6e 6e 6f 74 20 63 61 6c 6c 20 61 20 63 6c 61 73 73 20 61 73 20 61 20 66 75 6e 63 74 69 6f 6e 22 29 7d 28 74 68 69 73 2c 65 29 7d 72 65 74 75 72 6e 20 6e 28 65 2c 6e 75 6c 6c 2c 5b 7b 6b 65 79 3a 22 68 61 73 68 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 65 2e 68 65 78 28 65 2e 6d 64 35 31 28 74 29 29 7d 7d 2c 7b 6b 65 79 3a 22 6d 64 35 63 79 63 6c 65 22 2c 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 74 2c 72 29 7b 76 61 72 20 6e 3d 74 5b 30 5d 2c 6f 3d 74 5b 31 5d 2c 69 3d 74 5b 32 5d 2c 61 3d 74 5b 33 5d 3b 6e Data Ascii: nction e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return n(e,null,[{key:"hash",value:function(t){return e.hex(e.md51(t))}},{key:"md5cycle",value:function(t,r){var n=t[0],o=t[1],i=t[2],a=t[3];n
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 67 67 28 69 2c 61 2c 6e 2c 6f 2c 72 5b 31 35 5d 2c 31 34 2c 2d 36 36 30 34 37 38 33 33 35 29 2c 6f 3d 65 2e 67 67 28 6f 2c 69 2c 61 2c 6e 2c 72 5b 34 5d 2c 32 30 2c 2d 34 30 35 35 33 37 38 34 38 29 2c 6e 3d 65 2e 67 67 28 6e 2c 6f 2c 69 2c 61 2c 72 5b 39 5d 2c 35 2c 35 36 38 34 34 36 34 33 38 29 2c 61 3d 65 2e 67 67 28 61 2c 6e 2c 6f 2c 69 2c 72 5b 31 34 5d 2c 39 2c 2d 31 30 31 39 38 30 33 36 39 30 29 2c 69 3d 65 2e 67 67 28 69 2c 61 2c 6e 2c 6f 2c 72 5b 33 5d 2c 31 34 2c 2d 31 38 37 33 36 33 39 36 31 29 2c 6f 3d 65 2e 67 67 28 6f 2c 69 2c 61 2c 6e 2c 72 5b 38 5d 2c 32 30 2c 31 31 36 33 35 33 31 35 30 31 29 2c 6e 3d 65 2e 67 67 28 6e 2c 6f 2c 69 2c 61 2c 72 5b 31 33 5d 2c 35 2c 2d 31 34 34 34 36 38 31 34 36 37 29 2c 61 3d 65 2e 67 67 28 61 2c 6e 2c 6f 2c Data Ascii: gg(i,a,n,o,r[15],14,-660478335),o=e.gg(o,i,a,n,r[4],20,-405537848),n=e.gg(n,o,i,a,r[9],5,568446438),a=e.gg(a,n,o,i,r[14],9,-1019803690),i=e.gg(i,a,n,o,r[3],14,-187363961),o=e.gg(o,i,a,n,r[8],20,1163531501),n=e.gg(n,o,i,a,r[13],5,-1444681467),a=e.gg(a,n,o,
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 29 7b 66 6f 72 28 76 61 72 20 74 3d 74 68 69 73 2e 74 72 79 45 6e 74 72 69 65 73 2e 6c 65 6e 67 74 68 2d 31 3b 74 3e 3d 30 3b 2d 2d 74 29 7b 76 61 72 20 72 3d 74 68 69 73 2e 74 72 79 45 6e 74 72 69 65 73 5b 74 5d 3b 69 66 28 72 2e 74 72 79 4c 6f 63 3d 3d 3d 65 29 7b 76 61 72 20 6e 3d 72 2e 63 6f 6d 70 6c 65 74 69 6f 6e 3b 69 66 28 22 74 68 72 6f 77 22 3d 3d 3d 6e 2e 74 79 70 65 29 7b 76 61 72 20 6f 3d 6e 2e 61 72 67 3b 43 28 72 29 7d 72 65 74 75 72 6e 20 6f 7d 7d 74 68 72 6f 77 20 45 72 72 6f 72 28 22 69 6c 6c 65 67 61 6c 20 63 61 74 63 68 20 61 74 74 65 6d 70 74 22 29 7d 2c 64 65 6c 65 67 61 74 65 59 69 65 6c 64 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 72 2c 6e 29 7b 72 65 74 75 72 6e 20 74 68 69 73 2e 64 65 6c 65 67 61 74 65 3d 7b 69 74 65 72 61 74 6f 72 3a Data Ascii: ){for(var t=this.tryEntries.length-1;t>=0;--t){var r=this.tryEntries[t];if(r.tryLoc===e){var n=r.completion;if("throw"===n.type){var o=n.arg;C(r)}return o}}throw Error("illegal catch attempt")},delegateYield:function(e,r,n){return this.delegate={iterator:

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	608	OUT	GET /sharefile-web/sharefiledev-workflows-pilet/0.119.14/package/dist/index.js HTTP/1.1 Host: piletfeed-cdn.sharefile.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	614	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Length: 1420749 Connection: close Last-Modified: Wed, 02 Oct 2024 19:19:48 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 14 Oct 2024 03:48:21 GMT ETag: "1d059a1e91899cad205e8515bea97d44" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA2-C1 X-Amz-Cf-Id: _nSiowXrxrA_saosigWNa1szmTBAb96xiTmGfgdf9P-SpkddGyhIdw== Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Vary: Origin
2024-10-14 03:48:20 UTC	15770	IN	Data Raw: 2f 2f 40 70 69 6c 65 74 20 76 3a 32 28 77 65 62 70 61 63 6b 43 68 75 6e 6b 70 72 5f 73 68 61 72 65 66 69 6c 65 64 65 76 77 6f 72 6b 66 6c 6f 77 73 70 69 6c 65 74 2c 7b 7d 29 0a 53 79 73 74 65 6d 2e 72 65 67 69 73 74 65 72 28 5b 22 72 65 61 63 74 22 2c 22 61 6e 74 64 22 2c 22 72 65 61 63 74 2d 64 6f 6d 22 2c 22 74 73 6c 69 62 22 2c 22 40 63 69 74 72 69 74 65 2f 73 66 2d 61 70 69 22 2c 22 72 65 61 63 74 2d 72 6f 75 74 65 72 2d 64 6f 6d 22 2c 22 40 73 68 61 72 65 66 69 6c 65 64 65 76 2f 61 6e 74 64 2d 63 6f 6e 66 69 67 22 2c 22 72 65 61 63 74 2d 72 6f 75 74 65 72 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 7b 7d 2c 72 3d 7b 7d 2c 6f 3d 7b 7d 2c 69 3d 7b 7d 2c 61 3d 7b 7d 2c 73 3d 7b 7d 2c 6c 3d 7b 7d 2c 63 3d 7b 7d 3b 72 65 74 75 Data Ascii: //@pilet v:2(webpackChunkpr_sharefiledevworkflowspilet,{})System.register(["react","antd","react-dom","tslib","@citrite/sf-api","react-router-dom","@sharefiledev/antd-config","react-router"],(function(e,t){var n={},r={},o={},i={},a={},s={},l={},c={};retu
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 6e 75 6c 6c 3d 3d 3d 28 74 3d 6f 28 29 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 74 3f 76 6f 69 64 20 30 3a 74 2e 76 31 3b 72 65 74 75 72 6e 20 69 26 26 6e 75 6c 6c 21 3d 3d 28 6e 3d 69 2e 67 65 74 56 61 6c 75 65 28 65 29 29 26 26 76 6f 69 64 20 30 21 3d 3d 6e 3f 6e 3a 72 7d 66 75 6e 63 74 69 6f 6e 20 6f 28 29 7b 76 61 72 20 65 2c 74 3b 72 65 74 75 72 6e 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 3f 75 6e 64 65 66 69 6e 65 64 3a 28 6e 75 6c 6c 21 3d 3d 28 74 3d 28 65 3d 77 69 6e 64 6f 77 29 2e 5f 5f 63 69 74 72 69 78 5f 69 6e 74 65 72 6e 61 6c 5f 66 65 61 74 75 72 65 66 6c 61 67 73 5f 5f 29 26 26 76 6f 69 64 20 30 21 3d 3d 74 7c 7c 28 65 2e 5f 5f 63 69 74 72 69 78 5f 69 6e 74 65 72 6e 61 6c 5f 66 65 61 74 75 72 65 66 6c 61 67 Data Ascii: null===(t=o())\|\|void 0===t?void 0:t.v1;return i&&null!==(n=i.getValue(e))&&void 0!==n?n:r}function o(){var e,t;return"undefined"==typeof window?undefined:(null!==(t=(e=window).__citrix_internal_featureflags__)&&void 0!==t\|\|(e.__citrix_internal_featureflag
2024-10-14 03:48:20 UTC	11077	IN	Data Raw: 33 30 30 35 3a 63 61 73 65 20 36 33 39 31 3a 63 61 73 65 20 35 38 37 39 3a 63 61 73 65 20 35 36 32 33 3a 63 61 73 65 20 36 31 33 35 3a 63 61 73 65 20 34 35 39 39 3a 63 61 73 65 20 34 38 35 35 3a 63 61 73 65 20 34 32 31 35 3a 63 61 73 65 20 36 33 38 39 3a 63 61 73 65 20 35 31 30 39 3a 63 61 73 65 20 35 33 36 35 3a 63 61 73 65 20 35 36 32 31 3a 63 61 73 65 20 33 38 32 39 3a 72 65 74 75 72 6e 20 50 2b 65 2b 65 3b 63 61 73 65 20 35 33 34 39 3a 63 61 73 65 20 34 32 34 36 3a 63 61 73 65 20 34 38 31 30 3a 63 61 73 65 20 36 39 36 38 3a 63 61 73 65 20 32 37 35 36 3a 72 65 74 75 72 6e 20 50 2b 65 2b 48 2b 65 2b 7a 2b 65 2b 65 3b 63 61 73 65 20 36 38 32 38 3a 63 61 73 65 20 34 32 36 38 3a 72 65 74 75 72 6e 20 50 2b 65 2b 7a 2b 65 2b 65 3b 63 61 73 65 20 36 31 36 35 Data Ascii: 3005:case 6391:case 5879:case 5623:case 6135:case 4599:case 4855:case 4215:case 6389:case 5109:case 5365:case 5621:case 3829:return P+e+e;case 5349:case 4246:case 4810:case 6968:case 2756:return P+e+H+e+z+e+e;case 6828:case 4268:return P+e+z+e+e;case 6165
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 6e 75 6c 6c 3a 6f 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 74 79 6c 65 22 2c 28 28 63 3d 7b 7d 29 5b 22 64 61 74 61 2d 65 6d 6f 74 69 6f 6e 22 5d 3d 74 2e 6b 65 79 2b 22 2d 67 6c 6f 62 61 6c 20 22 2b 75 2c 63 2e 64 61 6e 67 65 72 6f 75 73 6c 79 53 65 74 49 6e 6e 65 72 48 54 4d 4c 3d 7b 5f 5f 68 74 6d 6c 3a 6d 7d 2c 63 2e 6e 6f 6e 63 65 3d 74 2e 73 68 65 65 74 2e 6e 6f 6e 63 65 2c 63 29 29 7d 76 61 72 20 70 3d 6f 2e 75 73 65 52 65 66 28 29 3b 72 65 74 75 72 6e 28 30 2c 61 2e 6a 29 28 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 65 3d 74 2e 6b 65 79 2b 22 2d 67 6c 6f 62 61 6c 22 2c 6e 3d 6e 65 77 20 74 2e 73 68 65 65 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 28 7b 6b 65 79 3a 65 2c 6e 6f 6e 63 65 3a 74 2e 73 68 65 65 74 2e 6e 6f 6e 63 65 2c 63 6f Data Ascii: null:o.createElement("style",((c={})["data-emotion"]=t.key+"-global "+u,c.dangerouslySetInnerHTML={__html:m},c.nonce=t.sheet.nonce,c))}var p=o.useRef();return(0,a.j)((function(){var e=t.key+"-global",n=new t.sheet.constructor({key:e,nonce:t.sheet.nonce,co
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 62 6a 65 63 74 28 6e 29 2c 21 30 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 67 28 65 2c 74 2c 6e 5b 74 5d 29 7d 29 29 3a 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 73 3f 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 69 65 73 28 65 2c 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 73 28 6e 29 29 3a 79 28 4f 62 6a 65 63 74 28 6e 29 29 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 65 2c 74 2c 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 44 65 73 63 72 69 70 74 6f 72 28 6e 2c 74 29 29 7d 29 29 7d 72 65 74 75 72 6e 20 65 7d Data Ascii: bject(n),!0).forEach((function(t){g(e,t,n[t])})):Object.getOwnPropertyDescriptors?Object.defineProperties(e,Object.getOwnPropertyDescriptors(n)):y(Object(n)).forEach((function(t){Object.defineProperty(e,t,Object.getOwnPropertyDescriptor(n,t))}))}return e}
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 28 4a 7c 7c 28 4a 3d 7b 7d 29 29 3b 63 6f 6e 73 74 20 51 3d 7b 5b 4a 2e 49 4e 46 4f 5d 3a 30 2c 5b 4a 2e 57 41 52 4e 49 4e 47 5d 3a 31 2c 5b 4a 2e 45 52 52 4f 52 5d 3a 32 2c 5b 4a 2e 46 41 54 41 4c 5d 3a 33 7d 3b 76 61 72 20 4b 3b 21 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 2e 52 55 4e 54 49 4d 45 3d 22 52 55 4e 54 49 4d 45 22 2c 65 2e 44 45 53 49 47 4e 3d 22 44 45 53 49 47 4e 22 7d 28 4b 7c 7c 28 4b 3d 7b 7d 29 29 3b 63 6f 6e 73 74 20 58 3d 7b 5b 4b 2e 52 55 4e 54 49 4d 45 5d 3a 30 2c 5b 4b 2e 44 45 53 49 47 4e 5d 3a 31 7d 2c 65 65 3d 28 65 2c 74 2c 6e 29 3d 3e 7b 76 61 72 20 72 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 21 3d 3d 28 72 3d 6e 75 6c 6c 3d 3d 6e 3f 76 6f 69 64 20 30 3a 6e 2e 66 69 6c 74 65 72 28 28 74 3d 3e 28 28 65 2c 74 29 3d 3e 21 65 7c 7c 58 5b Data Ascii: (J\|\|(J={}));const Q={[J.INFO]:0,[J.WARNING]:1,[J.ERROR]:2,[J.FATAL]:3};var K;!function(e){e.RUNTIME="RUNTIME",e.DESIGN="DESIGN"}(K\|\|(K={}));const X={[K.RUNTIME]:0,[K.DESIGN]:1},ee=(e,t,n)=>{var r;return null!==(r=null==n?void 0:n.filter((t=>((e,t)=>!e\|\|X[
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 2e 4a 73 65 70 3d 66 65 3b 76 61 72 20 76 65 3d 7b 6e 61 6d 65 3a 22 74 65 72 6e 61 72 79 22 2c 69 6e 69 74 28 65 29 7b 65 2e 68 6f 6f 6b 73 2e 61 64 64 28 22 61 66 74 65 72 2d 65 78 70 72 65 73 73 69 6f 6e 22 2c 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 69 66 28 74 2e 6e 6f 64 65 26 26 74 68 69 73 2e 63 6f 64 65 3d 3d 3d 65 2e 51 55 4d 41 52 4b 5f 43 4f 44 45 29 7b 74 68 69 73 2e 69 6e 64 65 78 2b 2b 3b 63 6f 6e 73 74 20 6e 3d 74 2e 6e 6f 64 65 2c 72 3d 74 68 69 73 2e 67 6f 62 62 6c 65 45 78 70 72 65 73 73 69 6f 6e 28 29 3b 69 66 28 72 7c 7c 74 68 69 73 2e 74 68 72 6f 77 45 72 72 6f 72 28 22 45 78 70 65 63 74 65 64 20 65 78 70 72 65 73 73 69 6f 6e 22 29 2c 74 68 69 73 2e 67 6f 62 62 6c 65 53 70 61 63 65 73 28 29 2c 74 68 69 73 2e 63 6f 64 65 3d 3d 3d 65 2e Data Ascii: .Jsep=fe;var ve={name:"ternary",init(e){e.hooks.add("after-expression",(function(t){if(t.node&&this.code===e.QUMARK_CODE){this.index++;const n=t.node,r=this.gobbleExpression();if(r\|\|this.throwError("Expected expression"),this.gobbleSpaces(),this.code===e.
2024-10-14 03:48:21 UTC	7570	IN	Data Raw: 30 3a 69 2e 5f 65 78 70 65 63 74 65 64 54 79 70 65 2c 74 5b 65 5d 2c 6e 2c 72 29 7d 29 29 29 29 3b 72 65 74 75 72 6e 20 6f 7d 2c 6e 74 3d 28 65 2c 74 29 3d 3e 7b 76 61 72 20 6e 3b 6e 75 6c 6c 3d 3d 3d 28 6e 3d 6e 75 6c 6c 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 6d 65 6d 62 65 72 73 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6e 7c 7c 6e 2e 66 6f 72 45 61 63 68 28 28 65 3d 3e 7b 76 61 72 20 6e 3b 22 65 78 70 72 65 73 73 69 6f 6e 22 3d 3d 3d 65 2e 74 79 70 65 3f 6e 74 28 65 2e 76 61 6c 75 65 2c 74 29 3a 22 73 79 6d 62 6f 6c 22 3d 3d 3d 65 2e 74 79 70 65 26 26 28 6e 75 6c 6c 3d 3d 3d 28 6e 3d 65 2e 76 61 6c 75 65 2e 61 63 74 69 6f 6e 48 61 6e 64 6c 65 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6e 3f 76 6f 69 64 20 30 3a 6e 2e 69 64 29 26 26 74 2e 70 75 73 68 28 65 2e 76 61 Data Ascii: 0:i._expectedType,t[e],n,r)}))));return o},nt=(e,t)=>{var n;null===(n=null==e?void 0:e.members)\|\|void 0===n\|\|n.forEach((e=>{var n;"expression"===e.type?nt(e.value,t):"symbol"===e.type&&(null===(n=e.value.actionHandle)\|\|void 0===n?void 0:n.id)&&t.push(e.va
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 61 72 67 73 3d 58 65 28 6e 75 6c 6c 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 61 72 67 73 43 6f 6c 6c 65 63 74 69 6f 6e 2c 5b 5d 29 29 2c 28 6e 75 6c 6c 3d 3d 3d 28 6e 3d 6e 75 6c 6c 3d 3d 65 3f 76 6f 69 64 20 30 3a 65 2e 67 65 6e 65 72 69 63 54 79 70 65 41 72 67 73 43 6f 6c 6c 65 63 74 69 6f 6e 29 7c 7c 76 6f 69 64 20 30 3d 3d 3d 6e 3f 76 6f 69 64 20 30 3a 6e 2e 61 72 67 73 2e 6c 65 6e 67 74 68 29 3e 30 26 26 28 65 2e 67 65 6e 65 72 69 63 54 79 70 65 41 72 67 73 43 6f 6c 6c 65 63 74 69 6f 6e 2e 6f 72 69 67 69 6e 61 6c 46 6f 72 6d 61 74 3d 22 6f 62 6a 65 63 74 22 2c 72 2e 67 65 6e 65 72 69 63 54 79 70 65 41 72 67 73 3d 58 65 28 65 2e 67 65 6e 65 72 69 63 54 79 70 65 41 72 67 73 43 6f 6c 6c 65 63 74 69 6f 6e 2c 5b 5d 29 29 2c 72 7d 76 61 72 20 6b 74 3d 75 6e Data Ascii: args=Xe(null==e?void 0:e.argsCollection,[])),(null===(n=null==e?void 0:e.genericTypeArgsCollection)\|\|void 0===n?void 0:n.args.length)>0&&(e.genericTypeArgsCollection.originalFormat="object",r.genericTypeArgs=Xe(e.genericTypeArgsCollection,[])),r}var kt=un
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 72 75 63 74 6f 72 2e 74 79 70 65 3b 73 6e 2e 68 61 73 28 65 29 3f 69 3d 5b 2e 2e 2e 69 2c 2e 2e 2e 63 5d 3a 69 2e 70 75 73 68 28 63 29 7d 7d 69 66 28 6f 29 7b 6c 65 74 20 65 3d 7b 69 73 4d 61 74 63 68 3a 21 30 2c 73 63 6f 72 65 3a 61 2f 6f 7d 3b 72 65 74 75 72 6e 20 6e 26 26 28 65 2e 69 6e 64 69 63 65 73 3d 69 29 2c 65 7d 7d 72 65 74 75 72 6e 7b 69 73 4d 61 74 63 68 3a 21 31 2c 73 63 6f 72 65 3a 31 7d 7d 7d 63 6f 6e 73 74 20 63 6e 3d 5b 5d 3b 66 75 6e 63 74 69 6f 6e 20 75 6e 28 65 2c 74 29 7b 66 6f 72 28 6c 65 74 20 6e 3d 30 2c 72 3d 63 6e 2e 6c 65 6e 67 74 68 3b 6e 3c 72 3b 6e 2b 3d 31 29 7b 6c 65 74 20 72 3d 63 6e 5b 6e 5d 3b 69 66 28 72 2e 63 6f 6e 64 69 74 69 6f 6e 28 65 2c 74 29 29 72 65 74 75 72 6e 20 6e 65 77 20 72 28 65 2c 74 29 7d 72 65 74 75 72 Data Ascii: ructor.type;sn.has(e)?i=[...i,...c]:i.push(c)}}if(o){let e={isMatch:!0,score:a/o};return n&&(e.indices=i),e}}return{isMatch:!1,score:1}}}const cn=[];function un(e,t){for(let n=0,r=cn.length;n<r;n+=1){let r=cn[n];if(r.condition(e,t))return new r(e,t)}retur

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	603	OUT	GET /sharefile-web/sharefiledev-esign-pilet/1.218.0/package/dist/index.js HTTP/1.1 Host: piletfeed-cdn.sharefile.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	613	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Length: 775322 Connection: close Last-Modified: Wed, 25 Sep 2024 06:18:48 GMT x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Date: Mon, 14 Oct 2024 03:48:21 GMT ETag: "ed5aeea53278040b2022dea269dc2b98" Vary: Accept-Encoding X-Cache: RefreshHit from cloudfront Via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA2-C1 X-Amz-Cf-Id: jlq7PIe76nhDEPH_OW6-g1U8mxM1BcPE9e182xPh3YiY6wth6BOM-w== Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Vary: Origin
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 2f 2f 40 70 69 6c 65 74 20 76 3a 32 28 77 65 62 70 61 63 6b 43 68 75 6e 6b 70 72 5f 73 68 61 72 65 66 69 6c 65 64 65 76 65 73 69 67 6e 70 69 6c 65 74 2c 7b 7d 29 0a 53 79 73 74 65 6d 2e 72 65 67 69 73 74 65 72 28 5b 22 40 63 69 74 72 69 74 65 2f 73 66 2d 61 70 69 22 2c 22 40 73 68 61 72 65 66 69 6c 65 64 65 76 2f 61 6e 74 64 2d 63 6f 6e 66 69 67 22 2c 22 61 6e 74 64 22 2c 22 72 65 61 63 74 22 2c 22 72 65 61 63 74 2d 64 6f 6d 22 2c 22 72 65 61 63 74 2d 72 6f 75 74 65 72 2d 64 6f 6d 22 2c 22 74 73 6c 69 62 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 7b 7d 2c 69 3d 7b 7d 2c 6f 3d 7b 7d 2c 72 3d 7b 7d 2c 61 3d 7b 7d 2c 73 3d 7b 7d 2c 6c 3d 7b 7d 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 Data Ascii: //@pilet v:2(webpackChunkpr_sharefiledevesignpilet,{})System.register(["@citrite/sf-api","@sharefiledev/antd-config","antd","react","react-dom","react-router-dom","tslib"],(function(e,t){var n={},i={},o={},r={},a={},s={},l={};return Object.defineProperty
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 6b 41 72 63 72 6f 6c 65 7c 78 6c 69 6e 6b 48 72 65 66 7c 78 6c 69 6e 6b 52 6f 6c 65 7c 78 6c 69 6e 6b 53 68 6f 77 7c 78 6c 69 6e 6b 54 69 74 6c 65 7c 78 6c 69 6e 6b 54 79 70 65 7c 78 6d 6c 42 61 73 65 7c 78 6d 6c 6e 73 7c 78 6d 6c 6e 73 58 6c 69 6e 6b 7c 78 6d 6c 4c 61 6e 67 7c 78 6d 6c 53 70 61 63 65 7c 79 7c 79 31 7c 79 32 7c 79 43 68 61 6e 6e 65 6c 53 65 6c 65 63 74 6f 72 7c 7a 7c 7a 6f 6f 6d 41 6e 64 50 61 6e 7c 66 6f 72 7c 63 6c 61 73 73 7c 61 75 74 6f 66 6f 63 75 73 29 7c 28 28 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 41 61 5d 7c 5b 41 61 5d 5b 52 72 5d 5b 49 69 5d 5b 41 61 5d 7c 78 29 2d 2e 2a 29 29 24 2f 2c 72 3d 28 30 2c 69 2e 41 29 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 6f 2e 74 65 73 74 28 65 29 7c 7c 31 31 31 3d 3d 3d 65 Data Ascii: kArcrole\|xlinkHref\|xlinkRole\|xlinkShow\|xlinkTitle\|xlinkType\|xmlBase\|xmlns\|xmlnsXlink\|xmlLang\|xmlSpace\|y\|y1\|y2\|yChannelSelector\|z\|zoomAndPan\|for\|class\|autofocus)\|(([Dd][Aa][Tt][Aa]\|[Aa][Rr][Ii][Aa]\|x)-.*))$/,r=(0,i.A)((function(e){return o.test(e)\|\|111===e
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 61 74 68 3a 6e 6f 74 28 3a 66 69 72 73 74 2d 6f 66 2d 74 79 70 65 29 20 7b 5c 6e 5c 74 5c 74 66 69 6c 6c 3a 20 22 2c 22 3b 5c 6e 5c 74 7d 5c 6e 22 5d 29 29 2c 49 2c 54 29 2c 50 3d 28 30 2c 62 2e 41 29 28 43 29 28 6c 7c 7c 28 6c 3d 28 30 2c 68 2e 41 29 28 5b 22 5c 6e 5c 74 70 61 74 68 3a 66 69 72 73 74 2d 6f 66 2d 74 79 70 65 20 7b 5c 6e 5c 74 5c 74 66 69 6c 6c 3a 20 22 2c 22 3b 5c 6e 5c 74 7d 5c 6e 5c 74 70 61 74 68 3a 6e 6f 74 28 3a 66 69 72 73 74 2d 6f 66 2d 74 79 70 65 29 20 7b 5c 6e 5c 74 5c 74 66 69 6c 6c 3a 20 22 2c 22 3b 5c 6e 5c 74 7d 5c 6e 22 5d 29 29 2c 54 2c 49 29 2c 4d 3d 28 30 2c 62 2e 41 29 28 43 29 28 63 7c 7c 28 63 3d 28 30 2c 68 2e 41 29 28 5b 22 5c 6e 5c 74 70 61 74 68 3a 66 69 72 73 74 2d 6f 66 2d 74 79 70 65 20 7b 5c 6e 5c 74 5c 74 66 Data Ascii: ath:not(:first-of-type) {\n\t\tfill: ",";\n\t}\n"])),I,T),P=(0,b.A)(C)(l\|\|(l=(0,h.A)(["\n\tpath:first-of-type {\n\t\tfill: ",";\n\t}\n\tpath:not(:first-of-type) {\n\t\tfill: ",";\n\t}\n"])),T,I),M=(0,b.A)(C)(c\|\|(c=(0,h.A)(["\n\tpath:first-of-type {\n\t\tf
2024-10-14 03:48:21 UTC	11977	IN	Data Raw: 33 3a 28 65 2c 74 2c 6e 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 6e 2e 64 28 74 2c 7b 7a 3a 28 29 3d 3e 6f 7d 29 3b 76 61 72 20 69 3d 6e 28 34 37 32 36 29 2c 6f 3d 28 30 2c 6e 28 39 38 33 36 29 2e 77 29 28 22 53 65 6e 64 46 6f 72 53 69 67 6e 61 74 75 72 65 41 63 74 69 6f 6e 49 63 6f 6e 22 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3e 31 26 26 61 72 67 75 6d 65 6e 74 73 5b 31 5d 21 3d 3d 75 6e 64 65 66 69 6e 65 64 3f 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3a 22 23 31 37 31 37 31 37 22 3b 72 65 74 75 72 6e 20 69 5b 22 64 65 66 61 75 6c 74 22 5d 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 76 67 22 2c 7b 22 64 61 74 61 2d 72 65 70 6c 61 63 65 2d 63 6f 6c 6f 72 22 3a 74 2c 77 69 64 Data Ascii: 3:(e,t,n)=>{"use strict";n.d(t,{z:()=>o});var i=n(4726),o=(0,n(9836).w)("SendForSignatureActionIcon",(function(e){var t=arguments.length>1&&arguments[1]!==undefined?arguments[1]:"#171717";return i["default"].createElement("svg",{"data-replace-color":t,wid
2024-10-14 03:48:21 UTC	12318	IN	Data Raw: 20 66 69 6c 65 22 2c 41 6c 65 72 74 49 63 6f 6e 3a 22 45 72 72 6f 72 20 69 63 6f 6e 22 2c 41 70 70 72 6f 76 61 6c 73 46 69 6c 65 49 63 6f 6e 3a 22 41 70 70 72 6f 76 61 6c 73 20 66 69 6c 65 22 2c 41 75 64 69 6f 49 63 6f 6e 3a 22 41 75 64 69 6f 20 66 69 6c 65 22 2c 43 6f 64 65 46 69 6c 65 49 63 6f 6e 3a 22 43 6f 64 65 20 66 69 6c 65 22 2c 43 77 46 6f 72 6d 49 63 6f 6e 3a 22 46 6f 72 6d 20 74 65 6d 70 6c 61 74 65 22 2c 43 77 54 65 6d 70 6c 61 74 65 49 63 6f 6e 3a 22 57 6f 72 6b 66 6c 6f 77 20 74 65 6d 70 6c 61 74 65 22 2c 43 77 57 6f 72 6b 66 6c 6f 77 49 63 6f 6e 3a 22 57 6f 72 6b 66 6c 6f 77 20 69 6e 73 74 61 6e 63 65 22 2c 44 63 6d 49 63 6f 6e 3a 22 44 43 4d 20 66 69 6c 65 22 2c 44 77 67 49 63 6f 6e 3a 22 44 57 47 20 66 69 6c 65 22 2c 45 6d 61 69 6c 49 63 Data Ascii: file",AlertIcon:"Error icon",ApprovalsFileIcon:"Approvals file",AudioIcon:"Audio file",CodeFileIcon:"Code file",CwFormIcon:"Form template",CwTemplateIcon:"Workflow template",CwWorkflowIcon:"Workflow instance",DcmIcon:"DCM file",DwgIcon:"DWG file",EmailIc
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: a9 22 2c 66 6f 72 6d 61 74 74 65 64 4e 75 6d 62 65 72 46 69 65 6c 64 3a 7b 63 61 6e 6e 6f 74 42 65 42 65 74 77 65 65 6e 45 72 72 6f 72 3a 22 4c 65 20 6e 6f 6d 62 72 65 20 6e 65 20 70 65 75 74 20 70 61 73 20 c3 aa 74 72 65 20 63 6f 6d 70 72 69 73 20 65 6e 74 72 65 20 7b 7b 6d 69 6e 7d 7d 20 65 74 20 7b 7b 6d 61 78 7d 7d 22 2c 63 61 6e 6e 6f 74 42 65 45 71 75 61 6c 45 72 72 6f 72 3a 22 4c 65 20 6e 6f 6d 62 72 65 20 6e 65 20 70 65 75 74 20 70 61 73 20 c3 aa 74 72 65 20 c3 a9 67 61 6c 20 c3 a0 20 7b 7b 6e 75 6d 62 65 72 7d 7d 22 2c 6d 75 73 74 42 65 42 65 74 77 65 65 6e 45 72 72 6f 72 3a 22 4c 65 20 6e 6f 6d 62 72 65 20 64 6f 69 74 20 c3 aa 74 72 65 20 63 6f 6d 70 72 69 73 20 65 6e 74 72 65 20 7b 7b 6d 69 6e 7d 7d 20 65 74 20 7b 7b 6d 61 78 7d 7d 22 2c 6d 75 Data Ascii: ",formattedNumberField:{cannotBeBetweenError:"Le nombre ne peut pas tre compris entre {{min}} et {{max}}",cannotBeEqualError:"Le nombre ne peut pas tre gal {{number}}",mustBeBetweenError:"Le nombre doit tre compris entre {{min}} et {{max}}",mu
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 73 20 64 65 20 63 6f 6d 65 6e 74 c3 a1 72 69 6f 22 2c 45 6d 70 74 79 43 6f 6d 70 6c 65 74 65 49 63 6f 6e 3a 22 49 6c 75 73 74 72 61 c3 a7 c3 a3 6f 20 64 65 20 74 6f 64 6f 73 20 6f 73 20 69 74 65 6e 73 20 63 6f 6e 63 6c 75 c3 ad 64 6f 73 22 2c 45 6d 70 74 79 43 6f 6d 70 75 74 65 72 49 63 6f 6e 3a 22 49 6c 75 73 74 72 61 c3 a7 c3 a3 6f 20 64 65 20 63 6f 6d 70 75 74 61 64 6f 72 22 2c 45 6d 70 74 79 44 61 73 68 62 6f 61 72 64 49 63 6f 6e 3a 22 49 6c 75 73 74 72 61 c3 a7 c3 a3 6f 20 64 65 20 70 61 69 6e 65 6c 22 2c 45 6d 70 74 79 44 6f 63 75 6d 65 6e 74 49 63 6f 6e 3a 22 49 6c 75 73 74 72 61 c3 a7 c3 a3 6f 20 64 65 20 64 6f 63 75 6d 65 6e 74 6f 22 2c 45 6d 70 74 79 45 72 72 6f 72 49 63 6f 6e 3a 22 49 6c 75 73 74 72 61 c3 a7 c3 a3 6f 20 64 65 20 65 72 72 6f 22 Data Ascii: s de comentrio",EmptyCompleteIcon:"Ilustrao de todos os itens concludos",EmptyComputerIcon:"Ilustrao de computador",EmptyDashboardIcon:"Ilustrao de painel",EmptyDocumentIcon:"Ilustrao de documento",EmptyErrorIcon:"Ilustrao de erro"
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 30 7d 29 3b 65 6c 73 65 20 69 66 28 74 68 69 73 2e 70 72 6f 6d 69 73 65 29 7b 76 61 72 20 72 3b 72 65 74 75 72 6e 20 6e 75 6c 6c 3d 3d 28 72 3d 74 68 69 73 2e 72 65 74 72 79 65 72 29 7c 7c 72 2e 63 6f 6e 74 69 6e 75 65 52 65 74 72 79 28 29 2c 74 68 69 73 2e 70 72 6f 6d 69 73 65 7d 69 66 28 65 26 26 74 68 69 73 2e 73 65 74 4f 70 74 69 6f 6e 73 28 65 29 2c 21 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 71 75 65 72 79 46 6e 29 7b 63 6f 6e 73 74 20 65 3d 74 68 69 73 2e 6f 62 73 65 72 76 65 72 73 2e 66 69 6e 64 28 28 65 3d 3e 65 2e 6f 70 74 69 6f 6e 73 2e 71 75 65 72 79 46 6e 29 29 3b 65 26 26 74 68 69 73 2e 73 65 74 4f 70 74 69 6f 6e 73 28 65 2e 6f 70 74 69 6f 6e 73 29 7d 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 74 68 69 73 2e 6f 70 74 69 6f 6e 73 2e 71 75 65 72 Data Ascii: 0});else if(this.promise){var r;return null==(r=this.retryer)\|\|r.continueRetry(),this.promise}if(e&&this.setOptions(e),!this.options.queryFn){const e=this.observers.find((e=>e.options.queryFn));e&&this.setOptions(e.options)}Array.isArray(this.options.quer
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 73 70 6c 61 79 4e 61 6d 65 3d 63 28 77 2c 6c 2c 22 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 22 29 2c 74 2e 69 73 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 3d 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 65 26 26 65 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3b 72 65 74 75 72 6e 21 21 74 26 26 28 74 3d 3d 3d 53 7c 7c 22 47 65 6e 65 72 61 74 6f 72 46 75 6e 63 74 69 6f 6e 22 3d 3d 3d 28 74 2e 64 69 73 70 6c 61 79 4e 61 6d 65 7c 7c 74 2e 6e 61 6d 65 29 29 7d 2c 74 2e 6d 61 72 6b 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 3f 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 28 65 2c 77 29 3a Data Ascii: splayName=c(w,l,"GeneratorFunction"),t.isGeneratorFunction=function(e){var t="function"==typeof e&&e.constructor;return!!t&&(t===S\|\|"GeneratorFunction"===(t.displayName\|\|t.name))},t.mark=function(e){return Object.setPrototypeOf?Object.setPrototypeOf(e,w):
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 74 68 69 73 2c 76 6f 69 64 20 30 2c 76 6f 69 64 20 30 2c 62 28 29 2e 6d 61 72 6b 28 28 66 75 6e 63 74 69 6f 6e 20 6e 28 29 7b 76 61 72 20 69 2c 6f 2c 72 3b 72 65 74 75 72 6e 20 62 28 29 2e 77 72 61 70 28 28 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 66 6f 72 28 3b 3b 29 73 77 69 74 63 68 28 6e 2e 70 72 65 76 3d 6e 2e 6e 65 78 74 29 7b 63 61 73 65 20 30 3a 72 65 74 75 72 6e 20 69 3d 7b 6e 65 77 5f 65 78 70 69 72 61 74 69 6f 6e 3a 65 7d 2c 6f 3d 22 22 2e 63 6f 6e 63 61 74 28 76 2e 6c 65 67 61 63 79 55 72 6c 2c 22 2f 76 31 2f 64 6f 63 75 6d 65 6e 74 73 2f 22 29 2e 63 6f 6e 63 61 74 28 74 2c 22 2f 65 78 74 65 6e 64 5f 65 78 70 69 72 61 74 69 6f 6e 22 29 2c 72 3d 7b 75 72 6c 3a 6f 2c 6d 65 74 68 6f 64 3a 22 70 75 74 22 2c 64 61 74 61 3a 69 7d 2c 6e 2e 61 62 72 75 70 Data Ascii: this,void 0,void 0,b().mark((function n(){var i,o,r;return b().wrap((function(n){for(;;)switch(n.prev=n.next){case 0:return i={new_expiration:e},o="".concat(v.legacyUrl,"/v1/documents/").concat(t,"/extend_expiration"),r={url:o,method:"put",data:i},n.abrup

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	609	OUT	GET /sharefile-web/sharefiledev-user-actions-pilet/1.15.0/package/dist/index.js HTTP/1.1 Host: piletfeed-cdn.sharefile.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	607	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Length: 221391 Connection: close Date: Mon, 14 Oct 2024 03:48:21 GMT Last-Modified: Mon, 04 Dec 2023 08:50:04 GMT ETag: "b5d95b131a56925ed34b1cf110473319" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA2-C1 X-Amz-Cf-Id: 0Y-Bad6RBskxYtxHuq4ZDQzqKG-gNY_S6P44HSGlqcUBBLjhhgtgrg== Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Vary: Origin
2024-10-14 03:48:20 UTC	8949	IN	Data Raw: 2f 2f 40 70 69 6c 65 74 20 76 3a 32 28 77 65 62 70 61 63 6b 43 68 75 6e 6b 70 72 5f 73 68 61 72 65 66 69 6c 65 64 65 76 75 73 65 72 61 63 74 69 6f 6e 73 70 69 6c 65 74 2c 7b 22 40 63 69 74 72 69 74 65 2f 63 69 74 72 69 78 2d 75 69 40 32 35 2e 34 36 2e 30 22 3a 22 63 69 74 72 69 74 65 2d 63 69 74 72 69 78 2d 75 69 2e 6a 73 22 7d 29 0a 53 79 73 74 65 6d 2e 72 65 67 69 73 74 65 72 28 5b 22 40 63 69 74 72 69 74 65 2f 63 69 74 72 69 78 2d 75 69 40 32 35 2e 34 36 2e 30 22 2c 22 72 65 61 63 74 22 2c 22 72 65 61 63 74 2d 72 6f 75 74 65 72 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 72 3d 7b 7d 2c 6e 3d 7b 7d 2c 6f 3d 7b 7d 3b 72 65 74 75 72 6e 7b 73 65 74 74 65 72 73 3a 5b 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 2e 63 6f 6e 66 69 72 6d 4d 6f Data Ascii: //@pilet v:2(webpackChunkpr_sharefiledevuseractionspilet,{"@citrite/citrix-ui@25.46.0":"citrite-citrix-ui.js"})System.register(["@citrite/citrix-ui@25.46.0","react","react-router"],(function(e,t){var r={},n={},o={};return{setters:[function(e){r.confirmMo
2024-10-14 03:48:20 UTC	8047	IN	Data Raw: 72 67 65 28 7b 7d 2c 74 29 3a 6e 2e 69 73 41 72 72 61 79 28 74 29 3f 74 2e 73 6c 69 63 65 28 29 3a 74 7d 66 75 6e 63 74 69 6f 6e 20 69 28 72 29 7b 72 65 74 75 72 6e 20 6e 2e 69 73 55 6e 64 65 66 69 6e 65 64 28 74 5b 72 5d 29 3f 6e 2e 69 73 55 6e 64 65 66 69 6e 65 64 28 65 5b 72 5d 29 3f 76 6f 69 64 20 30 3a 6f 28 75 6e 64 65 66 69 6e 65 64 2c 65 5b 72 5d 29 3a 6f 28 65 5b 72 5d 2c 74 5b 72 5d 29 7d 66 75 6e 63 74 69 6f 6e 20 73 28 65 29 7b 69 66 28 21 6e 2e 69 73 55 6e 64 65 66 69 6e 65 64 28 74 5b 65 5d 29 29 72 65 74 75 72 6e 20 6f 28 75 6e 64 65 66 69 6e 65 64 2c 74 5b 65 5d 29 7d 66 75 6e 63 74 69 6f 6e 20 61 28 72 29 7b 72 65 74 75 72 6e 20 6e 2e 69 73 55 6e 64 65 66 69 6e 65 64 28 74 5b 72 5d 29 3f 6e 2e 69 73 55 6e 64 65 66 69 6e 65 64 28 65 5b 72 Data Ascii: rge({},t):n.isArray(t)?t.slice():t}function i(r){return n.isUndefined(t[r])?n.isUndefined(e[r])?void 0:o(undefined,e[r]):o(e[r],t[r])}function s(e){if(!n.isUndefined(t[e]))return o(undefined,t[e])}function a(r){return n.isUndefined(t[r])?n.isUndefined(e[r
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 3d 3d 75 6e 64 65 66 69 6e 65 64 7c 7c 61 28 75 2c 73 2c 65 29 3b 69 66 28 21 30 21 3d 3d 63 29 74 68 72 6f 77 20 6e 65 77 20 6f 28 22 6f 70 74 69 6f 6e 20 22 2b 73 2b 22 20 6d 75 73 74 20 62 65 20 22 2b 63 2c 6f 2e 45 52 52 5f 42 41 44 5f 4f 50 54 49 4f 4e 5f 56 41 4c 55 45 29 7d 65 6c 73 65 20 69 66 28 21 30 21 3d 3d 72 29 74 68 72 6f 77 20 6e 65 77 20 6f 28 22 55 6e 6b 6e 6f 77 6e 20 6f 70 74 69 6f 6e 20 22 2b 73 2c 6f 2e 45 52 52 5f 42 41 44 5f 4f 50 54 49 4f 4e 29 7d 7d 2c 76 61 6c 69 64 61 74 6f 72 73 3a 69 7d 7d 2c 34 38 36 37 3a 28 65 2c 74 2c 72 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 6e 2c 6f 3d 72 28 31 38 34 39 29 2c 69 3d 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 74 6f 53 74 72 69 6e 67 2c 73 3d 28 6e 3d 4f 62 Data Ascii: ==undefined\|\|a(u,s,e);if(!0!==c)throw new o("option "+s+" must be "+c,o.ERR_BAD_OPTION_VALUE)}else if(!0!==r)throw new o("Unknown option "+s,o.ERR_BAD_OPTION)}},validators:i}},4867:(e,t,r)=>{"use strict";var n,o=r(1849),i=Object.prototype.toString,s=(n=Ob
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 28 3a 5b 30 2d 39 41 2d 46 61 2d 66 5d 7b 31 2c 34 7d 29 7b 31 2c 37 7d 29 7c 28 28 3a 5b 30 2d 39 41 2d 46 61 2d 66 5d 7b 31 2c 34 7d 29 7b 30 2c 35 7d 3a 28 28 32 35 5b 30 2d 35 5d 7c 32 5b 30 2d 34 5d 5c 64 7c 31 5c 64 5c 64 7c 5b 31 2d 39 5d 3f 5c 64 29 28 5c 2e 28 32 35 5b 30 2d 35 5d 7c 32 5b 30 2d 34 5d 5c 64 7c 31 5c 64 5c 64 7c 5b 31 2d 39 5d 3f 5c 64 29 29 7b 33 7d 29 29 7c 3a 29 29 29 28 25 2e 2b 29 3f 5c 73 2a 24 2f 2c 69 2e 66 69 6e 64 5f 75 72 69 5f 65 78 70 72 65 73 73 69 6f 6e 3d 2f 5c 62 28 28 3f 3a 5b 61 2d 7a 5d 5b 5c 77 2d 5d 2b 3a 28 3f 3a 5c 2f 7b 31 2c 33 7d 7c 5b 61 2d 7a 30 2d 39 25 5d 29 7c 77 77 77 5c 64 7b 30 2c 33 7d 5b 2e 5d 7c 5b 61 2d 7a 30 2d 39 2e 5c 2d 5d 2b 5b 2e 5d 5b 61 2d 7a 5d 7b 32 2c 34 7d 5c 2f 29 28 3f 3a 5b 5e Data Ascii: (:[0-9A-Fa-f]{1,4}){1,7})\|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)(\.(25[0-5]\|2[0-4]\d\|1\d\d\|[1-9]?\d)){3}))\|:)))(%.+)?\s*$/,i.find_uri_expression=/\b((?:[a-z][\w-]+:(?:\/{1,3}\|[a-z0-9%])\|www\d{0,3}[.]\|[a-z0-9.\-]+[.][a-z]{2,4}\/)(?:[^
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 6f 75 72 63 65 3a 22 73 72 63 22 2c 74 72 61 63 6b 3a 22 73 72 63 22 2c 69 6e 70 75 74 3a 22 73 72 63 22 2c 61 75 64 69 6f 3a 22 73 72 63 22 2c 76 69 64 65 6f 3a 22 73 72 63 22 7d 2c 69 2e 67 65 74 44 6f 6d 41 74 74 72 69 62 75 74 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 21 65 7c 7c 21 65 2e 6e 6f 64 65 4e 61 6d 65 29 72 65 74 75 72 6e 20 75 6e 64 65 66 69 6e 65 64 3b 76 61 72 20 74 3d 65 2e 6e 6f 64 65 4e 61 6d 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 22 69 6e 70 75 74 22 3d 3d 3d 74 26 26 22 69 6d 61 67 65 22 21 3d 3d 65 2e 74 79 70 65 3f 75 6e 64 65 66 69 6e 65 64 3a 69 2e 64 6f 6d 41 74 74 72 69 62 75 74 65 73 5b 74 5d 7d 2c 69 2e 65 6e 63 6f 64 65 3d 76 2c 69 2e 64 65 63 6f 64 65 3d 64 65 63 6f 64 65 55 52 49 43 6f Data Ascii: ource:"src",track:"src",input:"src",audio:"src",video:"src"},i.getDomAttribute=function(e){if(!e\|\|!e.nodeName)return undefined;var t=e.nodeName.toLowerCase();return"input"===t&&"image"!==e.type?undefined:i.domAttributes[t]},i.encode=v,i.decode=decodeURICo
2024-10-14 03:48:21 UTC	2800	IN	Data Raw: 22 49 50 22 29 29 74 68 72 6f 77 20 6e 65 77 20 52 65 66 65 72 65 6e 63 65 45 72 72 6f 72 28 22 63 61 6e 6e 6f 74 20 73 65 74 20 54 4c 44 20 6f 6e 20 6e 6f 6e 2d 64 6f 6d 61 69 6e 20 68 6f 73 74 22 29 3b 69 3d 6e 65 77 20 52 65 67 45 78 70 28 75 28 74 68 69 73 2e 74 6c 64 28 29 29 2b 22 24 22 29 2c 74 68 69 73 2e 5f 70 61 72 74 73 2e 68 6f 73 74 6e 61 6d 65 3d 74 68 69 73 2e 5f 70 61 72 74 73 2e 68 6f 73 74 6e 61 6d 65 2e 72 65 70 6c 61 63 65 28 69 2c 65 29 7d 72 65 74 75 72 6e 20 74 68 69 73 2e 62 75 69 6c 64 28 21 74 29 2c 74 68 69 73 7d 2c 73 2e 64 69 72 65 63 74 6f 72 79 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 74 68 69 73 2e 5f 70 61 72 74 73 2e 75 72 6e 29 72 65 74 75 72 6e 20 65 3d 3d 3d 75 6e 64 65 66 69 6e 65 64 3f 22 22 3a 74 68 69 Data Ascii: "IP"))throw new ReferenceError("cannot set TLD on non-domain host");i=new RegExp(u(this.tld())+"$"),this._parts.hostname=this._parts.hostname.replace(i,e)}return this.build(!t),this},s.directory=function(e,t){if(this._parts.urn)return e===undefined?"":thi
2024-10-14 03:48:21 UTC	8949	IN	Data Raw: 74 75 72 6e 20 6e 7d 69 66 28 66 28 74 29 29 66 6f 72 28 6f 3d 30 2c 73 3d 74 2e 6c 65 6e 67 74 68 3b 6f 3c 73 3b 6f 2b 2b 29 74 5b 6f 5d 3d 69 2e 65 6e 63 6f 64 65 28 74 5b 6f 5d 29 3b 65 6c 73 65 20 74 3d 22 73 74 72 69 6e 67 22 3d 3d 74 79 70 65 6f 66 20 74 7c 7c 74 20 69 6e 73 74 61 6e 63 65 6f 66 20 53 74 72 69 6e 67 3f 69 2e 65 6e 63 6f 64 65 28 74 29 3a 74 3b 72 65 74 75 72 6e 20 74 68 69 73 2e 73 65 67 6d 65 6e 74 28 65 2c 74 2c 72 29 7d 3b 76 61 72 20 50 3d 73 2e 71 75 65 72 79 3b 72 65 74 75 72 6e 20 73 2e 71 75 65 72 79 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 69 66 28 21 30 3d 3d 3d 65 29 72 65 74 75 72 6e 20 69 2e 70 61 72 73 65 51 75 65 72 79 28 74 68 69 73 2e 5f 70 61 72 74 73 2e 71 75 65 72 79 2c 74 68 69 73 2e 5f 70 61 72 74 73 2e 65 Data Ascii: turn n}if(f(t))for(o=0,s=t.length;o<s;o++)t[o]=i.encode(t[o]);else t="string"==typeof t\|\|t instanceof String?i.encode(t):t;return this.segment(e,t,r)};var P=s.query;return s.query=function(e,t){if(!0===e)return i.parseQuery(this._parts.query,this._parts.e
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 2e 73 70 6c 69 63 65 28 6b 2b 2b 2c 30 2c 78 29 7d 72 65 74 75 72 6e 20 50 28 62 29 7d 66 75 6e 63 74 69 6f 6e 20 54 28 65 29 7b 76 61 72 20 74 2c 72 2c 6e 2c 6f 2c 69 2c 73 2c 66 2c 64 2c 6d 2c 76 2c 79 2c 62 2c 5f 2c 78 2c 4f 2c 50 3d 5b 5d 3b 66 6f 72 28 62 3d 28 65 3d 41 28 65 29 29 2e 6c 65 6e 67 74 68 2c 74 3d 68 2c 72 3d 30 2c 69 3d 70 2c 73 3d 30 3b 73 3c 62 3b 2b 2b 73 29 28 79 3d 65 5b 73 5d 29 3c 31 32 38 26 26 50 2e 70 75 73 68 28 6b 28 79 29 29 3b 66 6f 72 28 6e 3d 6f 3d 50 2e 6c 65 6e 67 74 68 2c 6f 26 26 50 2e 70 75 73 68 28 67 29 3b 6e 3c 62 3b 29 7b 66 6f 72 28 66 3d 61 2c 73 3d 30 3b 73 3c 62 3b 2b 2b 73 29 28 79 3d 65 5b 73 5d 29 3e 3d 74 26 26 79 3c 66 26 26 28 66 3d 79 29 3b 66 6f 72 28 66 2d 74 3e 77 28 28 61 2d 72 29 2f 28 5f 3d 6e Data Ascii: .splice(k++,0,x)}return P(b)}function T(e){var t,r,n,o,i,s,f,d,m,v,y,b,_,x,O,P=[];for(b=(e=A(e)).length,t=h,r=0,i=p,s=0;s<b;++s)(y=e[s])<128&&P.push(k(y));for(n=o=P.length,o&&P.push(g);n<b;){for(f=a,s=0;s<b;++s)(y=e[s])>=t&&y<f&&(f=y);for(f-t>w((a-r)/(_=n
2024-10-14 03:48:21 UTC	1514	IN	Data Raw: 75 73 22 3a 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 53 68 61 72 65 46 69 6c 65 2e 41 70 69 2e 4d 6f 64 65 6c 73 2e 46 69 6c 65 22 3d 3d 3d 65 5b 22 6f 64 61 74 61 2e 74 79 70 65 22 5d 7d 28 65 29 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 53 68 61 72 65 46 69 6c 65 2e 41 70 69 2e 4d 6f 64 65 6c 73 2e 46 6f 6c 64 65 72 22 3d 3d 3d 65 5b 22 6f 64 61 74 61 2e 74 79 70 65 22 5d 7d 28 65 29 3b 63 61 73 65 22 5a 6f 6e 65 53 65 72 76 69 63 65 73 22 3a 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 26 26 22 53 68 61 72 65 46 69 6c 65 2e 41 70 69 2e 4d 6f 64 65 6c 73 2e 5a 6f 6e 65 22 3d 3d 3d 65 5b 22 6f 64 61 74 61 2e 74 79 70 65 22 5d 7d 28 65 29 Data Ascii: us":return function(e){return e&&"ShareFile.Api.Models.File"===e["odata.type"]}(e)\|\|function(e){return e&&"ShareFile.Api.Models.Folder"===e["odata.type"]}(e);case"ZoneServices":return function(e){return e&&"ShareFile.Api.Models.Zone"===e["odata.type"]}(e)
2024-10-14 03:48:21 UTC	7969	IN	Data Raw: 6a 3d 75 6e 64 65 66 69 6e 65 64 26 26 75 6e 64 65 66 69 6e 65 64 2e 5f 5f 73 70 72 65 61 64 41 72 72 61 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 2c 74 2c 72 29 7b 69 66 28 72 7c 7c 32 3d 3d 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 66 6f 72 28 76 61 72 20 6e 2c 6f 3d 30 2c 69 3d 74 2e 6c 65 6e 67 74 68 3b 6f 3c 69 3b 6f 2b 2b 29 21 6e 26 26 6f 20 69 6e 20 74 7c 7c 28 6e 7c 7c 28 6e 3d 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 2c 30 2c 6f 29 29 2c 6e 5b 6f 5d 3d 74 5b 6f 5d 29 3b 72 65 74 75 72 6e 20 65 2e 63 6f 6e 63 61 74 28 6e 7c 7c 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 73 6c 69 63 65 2e 63 61 6c 6c 28 74 29 29 7d 2c 55 3d 22 4e 65 74 77 6f 72 6b 45 72 72 6f 72 22 3b 21 66 75 6e 63 74 69 6f Data Ascii: j=undefined&&undefined.__spreadArray\|\|function(e,t,r){if(r\|\|2===arguments.length)for(var n,o=0,i=t.length;o<i;o++)!n&&o in t\|\|(n\|\|(n=Array.prototype.slice.call(t,0,o)),n[o]=t[o]);return e.concat(n\|\|Array.prototype.slice.call(t))},U="NetworkError";!functio

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	604	OUT	GET /sharefile-web/sharefiledev-task-mgt-pilet/1.7.0/package/dist/index.js HTTP/1.1 Host: piletfeed-cdn.sharefile.io Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://totalcanterbury0.sharefile.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: script Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	607	IN	HTTP/1.1 200 OK Content-Type: application/x-javascript Content-Length: 199868 Connection: close Date: Mon, 14 Oct 2024 03:48:21 GMT Last-Modified: Tue, 30 Jul 2024 08:42:51 GMT ETag: "114e798d503a347aab2a537702e1593f" x-amz-server-side-encryption: AES256 Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding X-Cache: Miss from cloudfront Via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA2-C1 X-Amz-Cf-Id: APnvyGU5adEPWPL1zstlUDpNOaPZsTzxLyQxA1XH_2N36KuH5bCCuA== Access-Control-Allow-Origin: https://totalcanterbury0.sharefile.com Vary: Origin
2024-10-14 03:48:20 UTC	15777	IN	Data Raw: 2f 2f 40 70 69 6c 65 74 20 76 3a 32 28 77 65 62 70 61 63 6b 43 68 75 6e 6b 70 72 5f 73 68 61 72 65 66 69 6c 65 64 65 76 74 61 73 6b 6d 67 74 70 69 6c 65 74 2c 7b 7d 29 0a 53 79 73 74 65 6d 2e 72 65 67 69 73 74 65 72 28 5b 22 40 73 68 61 72 65 66 69 6c 65 64 65 76 2f 61 6e 74 64 2d 63 6f 6e 66 69 67 22 2c 22 61 6e 74 64 22 2c 22 72 65 61 63 74 22 2c 22 72 65 61 63 74 2d 64 6f 6d 22 2c 22 74 73 6c 69 62 22 5d 2c 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 76 61 72 20 6e 3d 7b 7d 2c 72 3d 7b 7d 2c 6f 3d 7b 7d 2c 69 3d 7b 7d 2c 61 3d 7b 7d 3b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 6f 2c 22 5f 5f 65 73 4d 6f 64 75 6c 65 22 2c 7b 76 61 6c 75 65 3a 21 30 7d 29 2c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 Data Ascii: //@pilet v:2(webpackChunkpr_sharefiledevtaskmgtpilet,{})System.register(["@sharefiledev/antd-config","antd","react","react-dom","tslib"],(function(e,t){var n={},r={},o={},i={},a={};return Object.defineProperty(o,"__esModule",{value:!0}),Object.defineProp
2024-10-14 03:48:20 UTC	1219	IN	Data Raw: 44 6f 63 54 68 75 6d 62 3d 38 5d 3d 22 43 61 6e 44 6f 63 54 68 75 6d 62 22 2c 65 5b 65 2e 43 61 6e 44 6f 63 50 72 65 76 69 65 77 3d 31 36 5d 3d 22 43 61 6e 44 6f 63 50 72 65 76 69 65 77 22 2c 65 5b 65 2e 52 65 71 75 69 72 65 73 50 72 65 76 69 65 77 3d 33 32 5d 3d 22 52 65 71 75 69 72 65 73 50 72 65 76 69 65 77 22 2c 65 5b 65 2e 50 72 6f 63 65 73 73 69 6e 67 3d 36 34 5d 3d 22 50 72 6f 63 65 73 73 69 6e 67 22 2c 65 5b 65 2e 46 61 69 6c 65 64 3d 31 32 38 5d 3d 22 46 61 69 6c 65 64 22 7d 28 79 7c 7c 28 79 3d 7b 7d 29 29 3b 76 61 72 20 76 2c 62 3d 7b 44 65 66 61 75 6c 74 3a 22 44 65 66 61 75 6c 74 22 2c 46 6f 6c 64 65 72 73 46 69 72 73 74 3a 22 46 6f 6c 64 65 72 73 46 69 72 73 74 22 2c 55 73 65 46 6f 6c 64 65 72 4f 70 74 69 6f 6e 73 3a 22 55 73 65 46 6f 6c 64 Data Ascii: DocThumb=8]="CanDocThumb",e[e.CanDocPreview=16]="CanDocPreview",e[e.RequiresPreview=32]="RequiresPreview",e[e.Processing=64]="Processing",e[e.Failed=128]="Failed"}(y\|\|(y={}));var v,b={Default:"Default",FoldersFirst:"FoldersFirst",UseFolderOptions:"UseFold
2024-10-14 03:48:20 UTC	16384	IN	Data Raw: 6e 6e 65 63 74 6f 72 3d 31 30 32 34 5d 3d 22 47 65 6e 65 72 69 63 43 6f 6e 6e 65 63 74 6f 72 22 2c 65 5b 65 2e 4f 6e 65 44 72 69 76 65 42 75 73 69 6e 65 73 73 43 6f 6e 6e 65 63 74 6f 72 3d 32 30 34 38 5d 3d 22 4f 6e 65 44 72 69 76 65 42 75 73 69 6e 65 73 73 43 6f 6e 6e 65 63 74 6f 72 22 2c 65 5b 65 2e 53 68 61 72 65 43 6f 6e 6e 65 63 74 43 6f 6e 6e 65 63 74 6f 72 3d 34 30 39 36 5d 3d 22 53 68 61 72 65 43 6f 6e 6e 65 63 74 43 6f 6e 6e 65 63 74 6f 72 22 2c 65 5b 65 2e 50 72 65 76 69 65 77 3d 38 31 39 32 5d 3d 22 50 72 65 76 69 65 77 22 2c 65 5b 65 2e 48 69 67 68 43 6f 6e 63 75 72 72 65 6e 63 79 3d 31 36 33 38 34 5d 3d 22 48 69 67 68 43 6f 6e 63 75 72 72 65 6e 63 79 22 2c 65 5b 65 2e 49 6e 66 6f 72 6d 61 74 69 6f 6e 52 69 67 68 74 73 4d 61 6e 61 67 65 6d 65 Data Ascii: nnector=1024]="GenericConnector",e[e.OneDriveBusinessConnector=2048]="OneDriveBusinessConnector",e[e.ShareConnectConnector=4096]="ShareConnectConnector",e[e.Preview=8192]="Preview",e[e.HighConcurrency=16384]="HighConcurrency",e[e.InformationRightsManageme
2024-10-14 03:48:20 UTC	1024	IN	Data Raw: 65 78 70 6f 72 74 73 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 76 61 72 20 74 2c 6e 2c 69 2c 61 3d 7b 7d 3b 72 65 74 75 72 6e 20 65 3f 28 72 2e 66 6f 72 45 61 63 68 28 65 2e 73 70 6c 69 74 28 22 5c 6e 22 29 2c 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 69 3d 65 2e 69 6e 64 65 78 4f 66 28 22 3a 22 29 2c 74 3d 72 2e 74 72 69 6d 28 65 2e 73 75 62 73 74 72 28 30 2c 69 29 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 6e 3d 72 2e 74 72 69 6d 28 65 2e 73 75 62 73 74 72 28 69 2b 31 29 29 2c 74 29 7b 69 66 28 61 5b 74 5d 26 26 6f 2e 69 6e 64 65 78 4f 66 28 74 29 3e 3d 30 29 72 65 74 75 72 6e 3b 61 5b 74 5d 3d 22 73 65 74 2d 63 6f 6f 6b 69 65 22 3d 3d 3d 74 3f 28 61 5b 74 5d 3f 61 5b 74 5d 3a 5b 5d 29 2e 63 6f 6e 63 61 74 28 5b 6e 5d 29 3a 61 5b 74 5d 3f 61 5b Data Ascii: exports=function(e){var t,n,i,a={};return e?(r.forEach(e.split("\n"),(function(e){if(i=e.indexOf(":"),t=r.trim(e.substr(0,i)).toLowerCase(),n=r.trim(e.substr(i+1)),t){if(a[t]&&o.indexOf(t)>=0)return;a[t]="set-cookie"===t?(a[t]?a[t]:[]).concat([n]):a[t]?a[
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 6e 2c 22 5b 5d 22 29 26 26 28 73 3d 72 2e 74 6f 41 72 72 61 79 28 65 29 29 29 72 65 74 75 72 6e 20 76 6f 69 64 20 73 2e 66 6f 72 45 61 63 68 28 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 21 72 2e 69 73 55 6e 64 65 66 69 6e 65 64 28 65 29 26 26 74 2e 61 70 70 65 6e 64 28 75 2c 6f 28 65 29 29 7d 29 29 3b 69 28 65 2c 75 29 7d 7d 29 29 2c 6e 2e 70 6f 70 28 29 7d 65 6c 73 65 20 74 2e 61 70 70 65 6e 64 28 61 2c 6f 28 65 29 29 7d 28 65 29 2c 74 7d 7d 2c 38 35 30 38 30 3a 28 65 2c 74 2c 6e 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 72 3d 6e 28 34 32 33 33 34 29 2e 76 65 72 73 69 6f 6e 2c 6f 3d 6e 28 36 39 39 37 33 29 2c 69 3d 7b 7d 3b 5b 22 6f 62 6a 65 63 74 22 2c 22 62 6f 6f 6c 65 61 6e 22 2c 22 6e 75 6d 62 65 72 22 2c 22 66 75 6e 63 74 69 6f 6e Data Ascii: n,"[]")&&(s=r.toArray(e)))return void s.forEach((function(e){!r.isUndefined(e)&&t.append(u,o(e))}));i(e,u)}})),n.pop()}else t.append(a,o(e))}(e),t}},85080:(e,t,n)=>{"use strict";var r=n(42334).version,o=n(69973),i={};["object","boolean","number","function
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 6e 67 7c 6c 69 67 68 74 69 6e 67 43 6f 6c 6f 72 7c 6c 69 6d 69 74 69 6e 67 43 6f 6e 65 41 6e 67 6c 65 7c 6c 6f 63 61 6c 7c 6d 61 72 6b 65 72 45 6e 64 7c 6d 61 72 6b 65 72 4d 69 64 7c 6d 61 72 6b 65 72 53 74 61 72 74 7c 6d 61 72 6b 65 72 48 65 69 67 68 74 7c 6d 61 72 6b 65 72 55 6e 69 74 73 7c 6d 61 72 6b 65 72 57 69 64 74 68 7c 6d 61 73 6b 7c 6d 61 73 6b 43 6f 6e 74 65 6e 74 55 6e 69 74 73 7c 6d 61 73 6b 55 6e 69 74 73 7c 6d 61 74 68 65 6d 61 74 69 63 61 6c 7c 6d 6f 64 65 7c 6e 75 6d 4f 63 74 61 76 65 73 7c 6f 66 66 73 65 74 7c 6f 70 61 63 69 74 79 7c 6f 70 65 72 61 74 6f 72 7c 6f 72 64 65 72 7c 6f 72 69 65 6e 74 7c 6f 72 69 65 6e 74 61 74 69 6f 6e 7c 6f 72 69 67 69 6e 7c 6f 76 65 72 66 6c 6f 77 7c 6f 76 65 72 6c 69 6e 65 50 6f 73 69 74 69 6f 6e 7c 6f 76 Data Ascii: ng\|lightingColor\|limitingConeAngle\|local\|markerEnd\|markerMid\|markerStart\|markerHeight\|markerUnits\|markerWidth\|mask\|maskContentUnits\|maskUnits\|mathematical\|mode\|numOctaves\|offset\|opacity\|operator\|order\|orient\|orientation\|origin\|overflow\|overlinePosition\|ov
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 32 7c 75 6e 64 65 72 6c 69 6e 65 50 6f 73 69 74 69 6f 6e 7c 75 6e 64 65 72 6c 69 6e 65 54 68 69 63 6b 6e 65 73 73 7c 75 6e 69 63 6f 64 65 7c 75 6e 69 63 6f 64 65 42 69 64 69 7c 75 6e 69 63 6f 64 65 52 61 6e 67 65 7c 75 6e 69 74 73 50 65 72 45 6d 7c 76 41 6c 70 68 61 62 65 74 69 63 7c 76 48 61 6e 67 69 6e 67 7c 76 49 64 65 6f 67 72 61 70 68 69 63 7c 76 4d 61 74 68 65 6d 61 74 69 63 61 6c 7c 76 61 6c 75 65 73 7c 76 65 63 74 6f 72 45 66 66 65 63 74 7c 76 65 72 73 69 6f 6e 7c 76 65 72 74 41 64 76 59 7c 76 65 72 74 4f 72 69 67 69 6e 58 7c 76 65 72 74 4f 72 69 67 69 6e 59 7c 76 69 65 77 42 6f 78 7c 76 69 65 77 54 61 72 67 65 74 7c 76 69 73 69 62 69 6c 69 74 79 7c 77 69 64 74 68 73 7c 77 6f 72 64 53 70 61 63 69 6e 67 7c 77 72 69 74 69 6e 67 4d 6f 64 65 7c 78 7c Data Ascii: 2\|underlinePosition\|underlineThickness\|unicode\|unicodeBidi\|unicodeRange\|unitsPerEm\|vAlphabetic\|vHanging\|vIdeographic\|vMathematical\|values\|vectorEffect\|version\|vertAdvY\|vertOriginX\|vertOriginY\|viewBox\|viewTarget\|visibility\|widths\|wordSpacing\|writingMode\|x\|
2024-10-14 03:48:21 UTC	1024	IN	Data Raw: 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 67 65 74 4f 77 6e 50 72 6f 70 65 72 74 79 4e 61 6d 65 73 28 65 29 7d 3b 76 61 72 20 6f 3d 4e 75 6d 62 65 72 2e 69 73 4e 61 4e 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 21 3d 65 7d 3b 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 69 2e 69 6e 69 74 2e 63 61 6c 6c 28 74 68 69 73 29 7d 65 2e 65 78 70 6f 72 74 73 3d 69 2c 65 2e 65 78 70 6f 72 74 73 2e 6f 6e 63 65 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 66 75 6e 63 74 69 6f 6e 28 6e 2c 72 29 7b 66 75 6e 63 74 69 6f 6e 20 6f 28 6e 29 7b 65 2e 72 65 6d 6f 76 65 4c 69 73 74 65 6e 65 72 28 74 2c 69 29 2c 72 28 6e 29 7d 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 22 66 75 Data Ascii: ction(e){return Object.getOwnPropertyNames(e)};var o=Number.isNaN\|\|function(e){return e!=e};function i(){i.init.call(this)}e.exports=i,e.exports.once=function(e,t){return new Promise((function(n,r){function o(n){e.removeListener(t,i),r(n)}function i(){"fu
2024-10-14 03:48:21 UTC	16384	IN	Data Raw: 29 61 3d 69 5b 74 5d 3d 6e 2c 2b 2b 65 2e 5f 65 76 65 6e 74 73 43 6f 75 6e 74 3b 65 6c 73 65 20 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 61 3f 61 3d 69 5b 74 5d 3d 72 3f 5b 6e 2c 61 5d 3a 5b 61 2c 6e 5d 3a 72 3f 61 2e 75 6e 73 68 69 66 74 28 6e 29 3a 61 2e 70 75 73 68 28 6e 29 2c 28 6f 3d 75 28 65 29 29 3e 30 26 26 61 2e 6c 65 6e 67 74 68 3e 6f 26 26 21 61 2e 77 61 72 6e 65 64 29 7b 61 2e 77 61 72 6e 65 64 3d 21 30 3b 76 61 72 20 6c 3d 6e 65 77 20 45 72 72 6f 72 28 22 50 6f 73 73 69 62 6c 65 20 45 76 65 6e 74 45 6d 69 74 74 65 72 20 6d 65 6d 6f 72 79 20 6c 65 61 6b 20 64 65 74 65 63 74 65 64 2e 20 22 2b 61 2e 6c 65 6e 67 74 68 2b 22 20 22 2b 53 74 72 69 6e 67 28 74 29 2b 22 20 6c 69 73 74 65 6e 65 72 73 20 61 64 64 65 64 2e 20 55 Data Ascii: )a=i[t]=n,++e._eventsCount;else if("function"==typeof a?a=i[t]=r?[n,a]:[a,n]:r?a.unshift(n):a.push(n),(o=u(e))>0&&a.length>o&&!a.warned){a.warned=!0;var l=new Error("Possible EventEmitter memory leak detected. "+a.length+" "+String(t)+" listeners added. U
2024-10-14 03:48:21 UTC	1514	IN	Data Raw: 65 3d 68 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 53 74 61 74 65 2e 63 61 6c 6c 28 74 68 69 73 29 3b 72 65 74 75 72 6e 20 65 2e 62 75 66 66 3d 64 28 65 2e 62 75 66 66 29 2c 65 7d 2c 68 2e 41 72 72 61 79 42 75 66 66 65 72 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 53 74 61 74 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 72 65 74 75 72 6e 20 65 2e 62 75 66 66 3d 6c 28 65 2e 62 75 66 66 2c 21 30 29 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 53 74 61 74 65 2e 63 61 6c 6c 28 74 68 69 73 2c 65 29 7d 2c 68 2e 41 72 72 61 79 42 75 66 66 65 72 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 73 74 72 6f 79 3d 68 2e 70 72 6f 74 6f 74 79 70 65 2e 64 65 73 74 72 6f 79 2c 68 2e 41 72 72 61 79 42 75 66 66 65 72 2e 70 72 6f 74 6f 74 79 70 65 2e 5f 66 69 6e 69 73 68 3d 68 2e 70 Data Ascii: e=h.prototype.getState.call(this);return e.buff=d(e.buff),e},h.ArrayBuffer.prototype.setState=function(e){return e.buff=l(e.buff,!0),h.prototype.setState.call(this,e)},h.ArrayBuffer.prototype.destroy=h.prototype.destroy,h.ArrayBuffer.prototype._finish=h.p

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:20 UTC	782	OUT	POST /api/4506735163932672/envelope/?sentry_key=0be0069dd70d0ce2c63c650418f56fa6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.100.1 HTTP/1.1 Host: o49063.ingest.sentry.io Connection: keep-alive Content-Length: 470 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain;charset=UTF-8 Accept: / Origin: https://totalcanterbury0.sharefile.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://totalcanterbury0.sharefile.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:20 UTC	470	OUT	Data Raw: 7b 22 73 65 6e 74 5f 61 74 22 3a 22 32 30 32 34 2d 31 30 2d 31 34 54 30 33 3a 34 38 3a 31 38 2e 36 30 33 5a 22 2c 22 73 64 6b 22 3a 7b 22 6e 61 6d 65 22 3a 22 73 65 6e 74 72 79 2e 6a 61 76 61 73 63 72 69 70 74 2e 72 65 61 63 74 22 2c 22 76 65 72 73 69 6f 6e 22 3a 22 37 2e 31 30 30 2e 31 22 7d 7d 0a 7b 22 74 79 70 65 22 3a 22 73 65 73 73 69 6f 6e 22 7d 0a 7b 22 73 69 64 22 3a 22 66 64 38 64 35 34 66 30 32 65 36 38 34 39 33 34 38 39 34 39 39 30 37 37 37 64 63 32 32 64 65 66 22 2c 22 69 6e 69 74 22 3a 74 72 75 65 2c 22 73 74 61 72 74 65 64 22 3a 22 32 30 32 34 2d 31 30 2d 31 34 54 30 33 3a 34 38 3a 31 38 2e 35 39 38 5a 22 2c 22 74 69 6d 65 73 74 61 6d 70 22 3a 22 32 30 32 34 2d 31 30 2d 31 34 54 30 33 3a 34 38 3a 31 38 2e 36 30 33 5a 22 2c 22 73 74 61 74 75 Data Ascii: {"sent_at":"2024-10-14T03:48:18.603Z","sdk":{"name":"sentry.javascript.react","version":"7.100.1"}}{"type":"session"}{"sid":"fd8d54f02e684934894990777dc22def","init":true,"started":"2024-10-14T03:48:18.598Z","timestamp":"2024-10-14T03:48:18.603Z","statu
2024-10-14 03:48:20 UTC	521	IN	HTTP/1.1 200 OK Server: nginx Date: Mon, 14 Oct 2024 03:48:20 GMT Content-Type: application/json Content-Length: 2 vary: origin, access-control-request-method, access-control-request-headers access-control-allow-origin: * access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy: cross-origin Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-10-14 03:48:20 UTC	2	IN	Data Raw: 7b 7d Data Ascii: {}

Timestamp	Bytes transferred	Direction	Data
2024-10-14 03:48:21 UTC	654	OUT	POST /0093b71e39a6/478ed03bbf12/telemetry HTTP/1.1 Host: 0093b71e39a6.11de9b12.us-east-1.token.awswaf.com Connection: keep-alive Content-Length: 1274 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: text/plain;charset=UTF-8 Accept: / Origin: https://totalcanterbury0.sharefile.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-10-14 03:48:21 UTC	1274	OUT	Data Raw: 7b 22 65 78 69 73 74 69 6e 67 5f 74 6f 6b 65 6e 22 3a 22 34 61 64 66 64 32 33 33 2d 39 36 31 62 2d 34 38 66 64 2d 39 64 30 38 2d 31 63 66 35 62 38 31 31 35 65 39 35 3a 45 51 6f 41 71 5a 45 61 62 50 77 55 41 41 41 41 3a 5a 53 52 56 50 4a 72 63 5a 4f 69 7a 4a 49 71 6b 68 63 44 68 4b 77 51 58 6c 38 49 4b 7a 6c 63 32 72 50 6b 43 6c 79 44 2b 4f 36 34 64 6b 48 50 73 65 44 32 50 2b 47 76 2f 71 4b 79 63 31 43 65 4a 65 62 62 72 48 77 4e 35 4f 4d 5a 50 62 52 34 54 56 72 6a 39 39 6b 33 53 37 69 7a 53 4d 35 74 43 62 55 61 7a 70 30 42 68 57 53 65 6f 6d 69 45 4f 7a 69 53 4d 6c 56 46 5a 50 47 70 72 6e 52 72 35 49 61 44 57 37 73 32 51 4f 71 47 72 63 42 34 6f 50 32 4e 54 39 57 6c 71 54 66 53 75 78 37 79 47 30 68 50 55 44 34 56 34 43 4c 54 58 4c 6b 39 42 72 4f 42 6e 67 4b Data Ascii: {"existing_token":"4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAqZEabPwUAAAA:ZSRVPJrcZOizJIqkhcDhKwQXl8IKzlc2rPkClyD+O64dkHPseD2P+Gv/qKyc1CeJebbrHwN5OMZPbR4TVrj99k3S7izSM5tCbUazp0BhWSeomiEOziSMlVFZPGprnRr5IaDW7s2QOqGrcB4oP2NT9WlqTfSux7yG0hPUD4V4CLTXLk9BrOBngK
2024-10-14 03:48:21 UTC	615	IN	HTTP/1.1 200 OK Content-Type: application/json Content-Length: 864 Connection: close Date: Mon, 14 Oct 2024 03:48:21 GMT access-control-max-age: 86400 access-control-allow-origin: * access-control-allow-methods: OPTIONS,GET,POST cache-control: no-cache, no-store, must-revalidate pragma: no-cache expires: 0 x-amzn-waf-challenge-id: Root=1-670c9485-6cb90b623eb637a6401e1aa6 X-Cache: Miss from cloudfront Via: 1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: FRA56-P8 Alt-Svc: h3=":443"; ma=86400 X-Amz-Cf-Id: U_iAYwm7ajCSnq7us6yZTyHXtzk7qO8TqbiPywYrYwCWq_Pg6XijTw==
2024-10-14 03:48:21 UTC	864	IN	Data Raw: 7b 22 74 6f 6b 65 6e 22 3a 22 34 61 64 66 64 32 33 33 2d 39 36 31 62 2d 34 38 66 64 2d 39 64 30 38 2d 31 63 66 35 62 38 31 31 35 65 39 35 3a 45 51 6f 41 6c 57 6f 61 73 75 49 46 41 41 41 41 3a 4a 46 2b 33 44 61 48 4c 77 30 79 77 73 45 65 35 71 6e 78 2b 4a 6f 2f 6c 46 6d 39 33 73 2f 51 6c 46 2b 59 38 79 6c 44 2f 48 36 6d 52 39 4b 42 73 53 70 4f 66 79 31 64 5a 67 78 61 2b 33 58 47 32 78 4f 52 57 50 54 54 36 57 42 4a 76 76 30 62 44 32 51 41 58 43 78 38 72 43 61 78 54 78 51 2b 76 51 58 2b 56 76 31 47 63 44 32 7a 2f 31 56 79 2b 66 38 72 75 78 58 45 6d 7a 36 55 6c 6f 6b 72 51 79 35 47 54 6e 38 78 6d 48 42 2f 61 59 65 77 7a 65 71 44 43 57 57 58 6a 63 4f 6b 37 47 64 6a 49 78 44 67 4f 58 6d 69 49 65 58 67 6f 6c 31 32 54 54 32 6d 4b 68 31 6f 46 59 41 46 61 76 2f 34 Data Ascii: {"token":"4adfd233-961b-48fd-9d08-1cf5b8115e95:EQoAlWoasuIFAAAA:JF+3DaHLw0ywsEe5qnx+Jo/lFm93s/QlF+Y8ylD/H6mR9KBsSpOfy1dZgxa+3XG2xORWPTT6WBJvv0bD2QAXCx8rCaxTxQ+vQX+Vv1GcD2z/1Vy+f8ruxXEmz6UlokrQy5GTn8xmHB/aYewzeqDCWWXjcOk7GdjIxDgOXmiIeXgol12TT2mKh1oFYAFav/4