Windows Analysis Report
https://aka.ms/vmsettings

Overview

General Information

Sample URL: https://aka.ms/vmsettings
Analysis ID: 1427028
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

HTML body contains low number of good links
HTML title does not match URL

Classification

  • System is w10x64
  • chrome.exe (PID: 4600 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 4632 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6460 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aka.ms/vmsettings" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched


Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=trueHTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=trueHTTP Parser: Title: Sign in to your account does not match URL
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=trueHTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=trueHTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=trueHTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49768 version: TLS 1.2
Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknownTCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /vmsettings HTTP/1.1Host: aka.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l2bvdjfwt697xziuhxpwsg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: unknownDNS traffic detected: queries for: aka.ms
Source: chromecache_163.2.drString found in binary or memory: http://fontawesome.io
Source: chromecache_163.2.drString found in binary or memory: http://fontawesome.io/license
Source: chromecache_113.2.drString found in binary or memory: http://getbootstrap.com)
Source: chromecache_102.2.drString found in binary or memory: https://account.live.com/resetpassword.aspx
Source: chromecache_136.2.drString found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/ac
Source: chromecache_148.2.drString found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/co
Source: chromecache_148.2.dr, chromecache_136.2.drString found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/re
Source: chromecache_136.2.drString found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Acc
Source: chromecache_113.2.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_88.2.drString found in binary or memory: https://login.microsoftonline.com
Source: chromecache_109.2.dr, chromecache_155.2.drString found in binary or memory: https://login.microsoftonline.com/
Source: chromecache_150.2.drString found in binary or memory: https://login.microsoftonline.com/common
Source: chromecache_109.2.dr, chromecache_155.2.drString found in binary or memory: https://login.microsoftonline.com/common/discovery/v2.0/keys
Source: chromecache_109.2.dr, chromecache_155.2.drString found in binary or memory: https://login.microsoftonline.com/common/oauth2/v2.0/token
Source: chromecache_135.2.dr, chromecache_106.2.drString found in binary or memory: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Source: chromecache_88.2.drString found in binary or memory: https://login.windows-ppe.net
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown
HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown
HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49768 version: TLS 1.2
Source: classification engine
Classification label: clean1.win@18/135@20/7
Source: unknown
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown
Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aka.ms/vmsettings"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe
Process created: unknown unknown
Source: Window Recorder
Window detected: More than 3 window changes detected

| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Process Injection | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |

No Antivirus matches

| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | | unknown |
| part-0013.t-0009.t-msedge.net | 13.107.213.41 | true | false | | unknown |
| cs1100.wpc.omegacdn.net | 152.199.4.44 | true | false | | unknown |
| www.google.com | 64.233.176.147 | true | false | | high |
| aka.ms | 23.54.202.151 | true | false | | high |
| passwordreset.microsoftonline.com | unknown | unknown | false | | high |
| identity.nel.measure.office.net | unknown | unknown | false | | high |
| aadcdn.msftauth.net | unknown | unknown | false | | unknown |
| login.microsoftonline.com | unknown | unknown | false | | high |
| ajax.aspnetcdn.com | unknown | unknown | false | | high |


| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| https://aka.ms/vmsettings | false | | high |


| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| http://fontawesome.io | chromecache_163.2.dr | false | | high |
| https://login.microsoftonline.com/ | chromecache_109.2.dr, chromecache_155.2.dr | false | | high |
| https://login.microsoftonline.com | chromecache_88.2.dr | false | | high |
| https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/ac | chromecache_136.2.dr | false | | high |
| http://getbootstrap.com) | chromecache_113.2.dr | false | | low |
| https://github.com/twbs/bootstrap/blob/master/LICENSE) | chromecache_113.2.dr | false | | high |
| https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Acc | chromecache_136.2.dr | false | | high |
| https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/re | chromecache_148.2.dr, chromecache_136.2.dr | false | | high |
| https://login.windows-ppe.net | chromecache_88.2.dr | false | | high |
| https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration | chromecache_135.2.dr, chromecache_106.2.dr | false | | high |
| https://account.live.com/resetpassword.aspx | chromecache_102.2.dr | false | | high |
| https://login.microsoftonline.com/common/discovery/v2.0/keys | chromecache_109.2.dr, chromecache_155.2.dr | false | | high |
| https://login.microsoftonline.com/common/oauth2/v2.0/token | chromecache_109.2.dr, chromecache_155.2.dr | false | | high |
| https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/co | chromecache_148.2.dr | false | | high |
| https://login.microsoftonline.com/common | chromecache_150.2.dr | false | | high |
| http://fontawesome.io/license | chromecache_163.2.dr | false | | high |


| IP | Domain | Country | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|
| 13.107.246.41 | unknown | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
| 23.54.202.151 | aka.ms | United States | 16625 | AKAMAI-ASUS | false |
| 239.255.255.250 | unknown | Reserved | unknown | unknown | false |
| 13.107.213.41 | part-0013.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
| 64.233.176.147 | www.google.com | United States | 15169 | GOOGLEUS | false |

IP
192.168.2.17
192.168.2.4

Joe Sandbox version: 40.0.0 Tourmaline
Analysis ID: 1427028
Start date and time: 2024-04-16 22:46:22 +02:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 3m 44s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: browseurl.jbs
Sample URL: https://aka.ms/vmsettings
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed: 8
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 0
Technologies:
• HCA enabled
• EGA enabled
• AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Detection: CLEAN
Classification: clean1.win@18/135@20/7
EGA Information: Failed
HCA Information:
• Successful, ratio: 100%
• Number of executed functions: 0
• Number of non-executed functions: 0
• Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                                        • Excluded IPs from analysis (whitelisted): 172.253.124.94, 74.125.138.84, 173.194.219.113, 173.194.219.102, 173.194.219.139, 173.194.219.101, 173.194.219.100, 173.194.219.138, 34.104.35.123, 52.113.194.132, 40.126.29.14, 40.126.29.9, 20.190.157.11, 40.126.29.6, 40.126.29.13, 40.126.29.10, 40.126.29.15, 40.126.29.12, 40.126.29.5, 40.126.29.7, 40.126.29.8, 40.126.28.22, 40.126.28.19, 40.126.28.14, 40.126.28.13, 40.126.7.32, 40.126.28.23, 40.126.28.12, 40.126.28.21, 23.45.13.16, 23.45.13.51, 40.126.28.20, 40.126.28.18, 64.233.177.95, 142.250.9.95, 64.233.185.95, 172.253.124.95, 74.125.138.95, 108.177.122.95, 173.194.219.95, 142.250.105.95, 74.125.136.95, 142.251.15.95, 40.127.169.103, 52.165.164.15, 40.126.29.20, 40.126.29.2, 40.126.29.23, 40.126.29.21, 40.126.29.22, 40.126.29.1, 40.126.29.0, 152.199.4.33, 20.190.157.16, 52.165.165.26, 20.3.187.198, 199.232.214.172, 172.217.215.94
                                                        • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, na.privatelink.msidentity.com, www.tm.lg.prod.aadmsa.akadns.net, clientservices.googleapis.com, ak.privatelink.msidentity.com, a1894.dscb.akamai.net, dialin.teams.microsoft.com, clients2.google.com, mscomajax.vo.msecnd.net, login.live.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, login.mso.msidentity.com, client.ppe.repmap.microsoft.com, www.ppev6tm.aadg.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, www.tm.ak.prd.aadg.trafficmanager.net, prdv4a.aadg.msidentity.com, www.ppev6tm.aadg.akadns.net, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, prdf.aadg.msidentity.com, aadcdnoriginwus2.azureedge.net, cs22.wpc.v0cdn.net, www.tm.ak.prd.aadg.akadns.net, www.tm.v4.a.prd.aadg.akadns.net, ctldl.windowsupdate.com, aadcdn.msauth.net, passwordreset.mso.msidentity.com, wu-bg-shim.trafficmanager.net, firstparty-azurefd-prod.trafficmanager.net, login.msa.msidenti
• Not all processes were analyzed, report is missing behavior information
• Report size getting too big, too many NtSetInformationFile calls found.
• VT rate limit hit for: https://aka.ms/vmsettings
No simulations
No context

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines (8146), with no line terminators
Category: downloaded
Size (bytes): 8146
Entropy (8bit): 5.377757519065443
Encrypted: false
Malicious: false
Reputation: low
URL: https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/styles.bundle.js?version=3.10

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced
Category: dropped
Size (bytes): 1805
Entropy (8bit): 7.265265285391204
Encrypted: false
Malicious: false
Reputation: low

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: HTML document, Unicode text, UTF-8 text, with very long lines (1049), with CRLF line terminators
Category: downloaded
Size (bytes): 52248
Entropy (8bit): 4.6898829562443245
Encrypted: false
Malicious: false
Reputation: low
                                                        URL:https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text, with very long lines (1361), with no line terminators
Category: downloaded
Size (bytes): 1361
Entropy (8bit): 5.101336136331075
Encrypted: false
Malicious: false
Reputation: low
URL: https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/inline.bundle.js?version=3.10

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: ASCII text
Category: downloaded
Size (bytes): 105523
Entropy (8bit): 5.160498166822855
Encrypted: false
Malicious: false
Reputation: low
URL: https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/Style_W15.css

Process: C:\Program Files\Google\Chrome\Application\chrome.exe
File Type: gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
Category: downloaded
Size (bytes): 621
Entropy (8bit): 7.673946009263606
Encrypted: false
Malicious: false
Reputation: low
URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:JSON data
                                                        Category:downloaded
                                                        Size (bytes):950
                                                        Entropy (8bit):4.48198966493377
                                                        Encrypted:false
                                                        SSDEEP:24:YE/O+si8Gv8+sarUM+sd+8sAIse/sv+sOd+sIM+sX+sxd+sBM+s7sarzsA6sa:YE2+sRp+sWUM+sd+8sAIse/sv+sOd+sd
                                                        MD5:9FCE93410EB828E0EDF41D3F021D93E2
                                                        SHA1:1584BC813F34E9B7356C6BD05CB2A14EC52E1590
                                                        SHA-256:F463580C98FD336D4E69E7DCA36CF345A81A5E402F61D9F870EAE9D8C4E59DE9
                                                        SHA-512:4683EAB5A623912C9684C67E49896C4C0F26C95D335898FEE201D6CB2FF4E2A4134F81903A333BF3C0E6F32A0F822A45BDFCBC613277F2B64CB483DE3173A32F
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
                                                        Preview:{"tenant_discovery_endpoint":"https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration","api-version":"1.1","metadata":[{"preferred_network":"login.microsoftonline.com","preferred_cache":"login.windows.net","aliases":["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{"preferred_network":"login.partner.microsoftonline.cn","preferred_cache":"login.partner.microsoftonline.cn","aliases":["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{"preferred_network":"login.microsoftonline.de","preferred_cache":"login.microsoftonline.de","aliases":["login.microsoftonline.de"]},{"preferred_network":"login.microsoftonline.us","preferred_cache":"login.microsoftonline.us","aliases":["login.microsoftonline.us","login.usgovcloudapi.net"]},{"preferred_network":"login-us.microsoftonline.com","preferred_cache":"login-us.microsoftonline.com","aliases":["login-us.microsoftonline.com"]}]}
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):1805
                                                        Entropy (8bit):7.265265285391204
                                                        Encrypted:false
                                                        SSDEEP:24:oV1hpunQWwjx82lY2T32HEV8KJyJ3VAyKOGpxbAKJcyIXRP6VEBxX4pAE60KKAU9:4itNn2VMJ3R6breHDBBThFtYeD5B2
                                                        MD5:BC89C1FBFBC227DC5A7ED9B2797E240D
                                                        SHA1:8A9390297FDD0963C466CF2FD35D5B1F88A46B6A
                                                        SHA-256:744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
                                                        SHA-512:C18F6B22F4AC5040E3FEBE8034AD3A3A3EF32CF3384BE6C3144B2EB04080F03111743D5B30AF3A1343AFD68A20AAE5972422C724107243D00CD9CF263DDC10C7
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/header_Microsoft.png
                                                        Preview:.PNG........IHDR...Y.........0.r.....sRGB.........gAMA......a.....tEXtSoftware.Adobe ImageReadyq.e<... iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS5 Windows" xmpMM:InstanceID="xmp.iid:BABFACAF901511E2BD4FDE5C526470CF" xmpMM:DocumentID="xmp.did:BABFACB0901511E2BD4FDE5C526470CF"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:BABFACAD901511E2BD4FDE5C526470CF" stRef:documentID="xmp.did:BABFACAE901511E2BD4FDE5C526470CF"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>..R....fIDATXG.mq[1.E.!...3&...P.................3..~L..q.O..t..{...v?..n.....b#.-.i..
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):12429
                                                        Entropy (8bit):4.880328887313854
                                                        Encrypted:false
                                                        SSDEEP:192:x8GsutherY4/qX0Ii8tPNS3ndq3yFwmLkwjPuqwnESBX3Sri6K4Cl44B6QRguaZ:xBjiUSCDnyQRq
                                                        MD5:A17520454D4A65A399B863B5CC46D3FC
                                                        SHA1:0A02C72D7AFCD5198C590108E7F2302A1F75544D
                                                        SHA-256:62E5E7DC19D018BEDB24E2C89ED41271B9D94A6DDE3359CC9CABBC315385C0E5
                                                        SHA-512:0757698DC40D0AC165F159270375514A543448FB2A3E7B3B70EB500180EA00FDA3A4FC7F77C48EA013C3BAC082C092BB852CF86F7D4C0094596DE6917DCA1449
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/css/Style.css?v=1342177280
                                                        Preview:* {.. line-break: strict..}....body,..input,..select,..textarea,..button,..legend {.. font-weight: normal;.. font-family: "Segoe UI-Regular-final", "Segoe UI", Segoe, Tahoma, Helvetica, Arial, Sans-Serif;.. font-size: 12px;.. line-height: 19px;.. letter-spacing: .01em;.. color: #666666..}....span.requiredstar {.. font-weight: normal;.. font-family: "Segoe UI-Regular-final", "Segoe UI", Segoe, Tahoma, Helvetica, Arial, Sans-Serif;.. font-size: 12px;.. color: #a80f22..}....h1,..h2,..h3,..h4,..h5,..h6 {.. font-weight: normal;.. font-family: "SegoeUI-Light-final", "Segoe UI Light", "Segoe UI", Segoe, Tahoma, Helvetica, Arial, Sans-Serif;.. color: #333333;.. margin: 0 0 0 0;.. cursor: default..}....h1 {.. font-size: 32px;.. line-height: normal;.. letter-spacing: -.01em;.. padding-left: 0px;.. padding-right: 0px..}....h2 {.. font-size: 22px;.. line-height: normal;.. letter-spacing: -.01em..}....h3 {.. font-size: 13px;
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:JSON data
                                                        Category:dropped
                                                        Size (bytes):1547
                                                        Entropy (8bit):4.63779068711367
                                                        Encrypted:false
                                                        SSDEEP:48:Ye2+seQykaO+sMzcijLiDT4+sOJhKdZKA2+sL32+s92+sPmoy04jl2+sv4szmZY7:ppseXXxsMzjSsOKHLpsTps9psPA06pst
                                                        MD5:3E2129EC7EE0D22D5874D661893921C0
                                                        SHA1:E6B20A5603F8B9292D46E2A74E32D1DDC6229196
                                                        SHA-256:C45868384DFD77121A6D62BA32304628C211FDC6D471CB985348D731890B6E96
                                                        SHA-512:77A8919A97B102AA90D47C0C34A40FC82ABC491CBF4D7C4BC5649E5D8ED504BAA088003521AF68DD8B23DE7DD61257A7E9A72FE6AB841C827639DD13CF8D30EA
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview:{"token_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/token","token_endpoint_auth_methods_supported":["client_secret_post","private_key_jwt","client_secret_basic"],"jwks_uri":"https://login.microsoftonline.com/common/discovery/v2.0/keys","response_modes_supported":["query","fragment","form_post"],"subject_types_supported":["pairwise"],"id_token_signing_alg_values_supported":["RS256"],"response_types_supported":["code","id_token","code id_token","id_token token"],"scopes_supported":["openid","profile","email","offline_access"],"issuer":"https://login.microsoftonline.com/{tenantid}/v2.0","request_uri_parameter_supported":false,"userinfo_endpoint":"https://graph.microsoft.com/oidc/userinfo","authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/authorize","device_authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/devicecode","http_logout_supported":true,"frontchannel_logout_supported":true,"end_session_endpoint":"https:/
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (61363)
                                                        Category:downloaded
                                                        Size (bytes):194095
                                                        Entropy (8bit):5.233447074740326
                                                        Encrypted:false
                                                        SSDEEP:3072:xLXL5ROj4p9dZGHG45KAfCJTKB9xn1jxOylzrzGWK97bpzVjISWDIpxZd:xLXL5ROj4dcHGEJfCJTKB9xn1jxOyhzi
                                                        MD5:90DB4147268D4ADA93C2E4262E31B22F
                                                        SHA1:65EDC883B272E529A476FF5507A79A36EC0086CD
                                                        SHA-256:8387E32FA9AEFE45EF07EE36E4C864B08806AEB1B77D142E16C65306576854F8
                                                        SHA-512:E02686E3622FB4465128F783C19E50474135BBF53FE8D5D77CBD5DD02E2A69C5B09A888E730DE7709A69F60529FF5A57486800F20C874977574BFDEACEEC8137
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/msal-browser.min.js
                                                        Preview:/*! @azure/msal-browser v2.14.1 2021-04-22 */."use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e=e||self).msal={})}(this,(function(e){./*! *****************************************************************************. Copyright (c) Microsoft Corporation... Permission to use, copy, modify, and/or distribute this software for any. purpose with or without fee is hereby granted... THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH. REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY. AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,. INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM. LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR. OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR. PERFORMANCE OF THIS SO
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):4020
                                                        Entropy (8bit):7.929907559552797
                                                        Encrypted:false
                                                        SSDEEP:96:1X+Yg6Iet+ZpBmQKEuhA/4oJqNoCkQV+CX8h:Fg69t+YfPhEBPnC+t
                                                        MD5:36AFB641BECFAD75FED5F4E6E8C39268
                                                        SHA1:2495652F017B7A06D796AFE9C4A06ECD54F9CCFE
                                                        SHA-256:5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
                                                        SHA-512:08C27020CF80A181B941EE144090FFBDD12ED34BA8CBEC037ACECE63F850FF8A69BE6DDB0EC24F7141C46F27779ED59AF84A55FB367C1B6F8893B444F44C5AF5
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/footer_logo_grey_bg.png
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 444227
                                                        Category:downloaded
                                                        Size (bytes):121212
                                                        Entropy (8bit):7.9972852524966695
                                                        Encrypted:true
                                                        SSDEEP:1536:iD6XUiMe8qYwKDImT4zkhRc8JbmxMwGysvrO/Q0wjsFUUXbBHfy18nZIH9JxhmTK:wHHDZT33eAvrn0wjsm8Z0otE
                                                        MD5:0868DA2DD5EFFED92904047439E49D48
                                                        SHA1:D760173E5E6B25461B0D2A0B32D384FE659B2338
                                                        SHA-256:8C41E973CB5EE0194EBF3BAA0716EEEB57EED53552F042E200190E3C37F08CFD
                                                        SHA-512:9F430A42D5380D12C553255A324E347A37337E659D623F50314CF47FE52889FD4120F8DD2895DE3327ED97B65DE4E78C982DA966A3F5253286AB0DE0260817CB
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (65371)
                                                        Category:downloaded
                                                        Size (bytes):121155
                                                        Entropy (8bit):5.097810738661347
                                                        Encrypted:false
                                                        SSDEEP:768:Vy3Gxw/oc/QWlJxtQOIuiHlqfmzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1Fl:nw/P1fIuiHlqfmN8lDbNmPbc
                                                        MD5:225FDAB89A168A34ABD01851EAE49EC5
                                                        SHA1:941ED4A82A2D7A09D857E7B7A0638C1C8C2CA945
                                                        SHA-256:09106D352497D72FD30CD52967D640304B7AE2C3F2CF5318F0B0EE2116F08D99
                                                        SHA-512:23889A0CD6707135BC3E0C229CC392C227776FB7E3BCBAEF8B9F32D8310188F06F2F6F418C034384E5EA62CE92BC26864204FF37C778680C9D9803A4194E6D6A
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/bootstrap.min.css
                                                        Preview:/*!. * Bootstrap v3.3.7 (http://getbootstrap.com). * Copyright 2011-2016 Twitter, Inc.. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE). *//*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}article,aside,details,figcaption,figure,footer,header,hgroup,main,menu,nav,section,summary{display:block}audio,canvas,progress,video{display:inline-block;vertical-align:baseline}audio:not([controls]){display:none;height:0}[hidden],template{display:none}a{background-color:transparent}a:active,a:hover{outline:0}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:700}dfn{font-style:italic}h1{margin:.67em 0;font-size:2em}mark{color:#000;background:#ff0}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-.5em}sub{bottom:-.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:1em 40px}hr
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text
                                                        Category:downloaded
                                                        Size (bytes):1972981
                                                        Entropy (8bit):5.339510785474747
                                                        Encrypted:false
                                                        SSDEEP:24576:inOZrQKmQfdvu9Q5q7fbAGQL4f2lyKIoR1eH/5wJq:inOZrQKmQfdvu9Q5q7fbArAKIoR1ehws
                                                        MD5:497FC804084107633A4BA83459342368
                                                        SHA1:1A26C659CCA7B4EED6E67FA550832FBF25E540F6
                                                        SHA-256:14982788E902966B036D895893BB3C6D3F7080694B8AD435F0A7F0FCD9F1B2BE
                                                        SHA-512:6EDC13CBA1F1EDEE1188E9E65533FB412046C14473DDEF07A51E568FFD2E14D8A7DC2E36CBD151727C2C31850313C55EE8EDCBCF70399954B06900717454E8FA
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/ScriptSharpCommon.js
                                                        Preview:Type.registerNamespace('Lcp');..Lcp.AlertState = function() {}.Lcp.AlertState.prototype = {. success: 0,. failure: 1,. static: 2.}.Lcp.AlertState.registerEnum('Lcp.AlertState', false);...var IValueConverter = function() {}.IValueConverter.registerInterface('IValueConverter');...var BindingMode = function() {}.BindingMode.prototype = {. twoWay: 1,. oneWay: 2,. oneTime: 3,. oneWayToSource: 4,. twoWayFirstTimeToSource: 5.}.BindingMode.registerEnum('BindingMode', false);...var ICanDisableProperty = function() {}.ICanDisableProperty.registerInterface('ICanDisableProperty');...var IChangeTracking = function() {}.IChangeTracking.registerInterface('IChangeTracking');...var RelativeSourceMode = function() {}.RelativeSourceMode.prototype = {. templatedParent: 1,. self: 2.}.RelativeSourceMode.registerEnum('RelativeSourceMode', false);...var IComponent = function() {}.IComponent.registerInterface('IComponent');...var IInvoke = function() {}.IInvoke.registerInterface('
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (65291)
                                                        Category:downloaded
                                                        Size (bytes):93869
                                                        Entropy (8bit):5.11348422651821
                                                        Encrypted:false
                                                        SSDEEP:1536:oV0bnzVwRqBipSHzSSSRS1SQSLSASkhIHSgSESawXfGjb0S5SgcM3SAYJdTYg8qK:oObnzVwRqBipSHzSSSRS1SQSLSASkhIH
                                                        MD5:C6233F019B1CA240C5483CF201876279
                                                        SHA1:5DA690274C798A758F74A10DB090179597EB3063
                                                        SHA-256:747EA5A0D4A9AE62B42829E0F769FAE808F5EA8C37B1651431C7C206D081F36E
                                                        SHA-512:0EE3650C14E7DAC3743BFF55A3AE5EBAA7EF309911C9EA41FF12AB9925D1F74B91EE2C4AA16398C7DC9FAAB29CAF8AF912820DE0828657D80F6418A8B58722EF
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/fabric.components.min.css
                                                        Preview:/* Copyright (c) Microsoft. All rights reserved. Licensed under the MIT license. See LICENSE in the project root for license information. */../**. * Office UI Fabric 2.1.0. * The front-end framework for building experiences for Office 365.. **/. .ms-ListItem:after,.ms-PeoplePicker-searchBox:after{clear:both}.ms-Breadcrumb{margin:23px 0 1px}.ms-Breadcrumb.is-overflow .ms-Breadcrumb-overflow{display:inline}.ms-Breadcrumb-chevron{font-size:17px;color:#666;vertical-align:top;margin:10px 0}.ms-Breadcrumb-list{display:inline;white-space:nowrap;padding:0;margin:0}.ms-Breadcrumb-list .ms-Breadcrumb-listItem{list-style-type:none;vertical-align:top;margin:0;padding:0;display:inline-block}.ms-Breadcrumb-list .ms-Breadcrumb-listItem:last-of-type .ms-Breadcrumb-chevron{display:none}.ms-Breadcrumb-overflow{display:none;position:relative;margin-right:-4px}.ms-Breadcrumb-overflow .ms-Breadcrumb-overflowButton{font-size:12px;display:inline-block;color:#0078d7;margin-right:-4px;padding:12px 8px 3px;curs
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):471
                                                        Entropy (8bit):7.197252382638843
                                                        Encrypted:false
                                                        SSDEEP:12:6v/7eM/H/HTOlHAbsnwpncDR1pxInjqrrgRRIEw6Jz:qHTO0Gwpnc7pOnjqngRR1nJz
                                                        MD5:C651D60A08FF0F579E2EB9BE6043A3C6
                                                        SHA1:E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55
                                                        SHA-256:7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
                                                        SHA-512:017C29423F096A45AD5D1002B2F14E27A8298F144A962B78F46A96626A1027D5E4EC57468CD8F8C5B9E97461FA651452A1786CD9F5F76264652D03F55D516138
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/hip_reload.png
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):3005
                                                        Entropy (8bit):4.3348196756520005
                                                        Encrypted:false
                                                        SSDEEP:48:ITWNX9q7aVxyFGwvqNTTswh11KdA/IMUitKhyWirt+NG/BC0/PTfhyr1+18:IiNX9oFG4qTJb0a/IMNURkt6GJZ/7fU7
                                                        MD5:A870B45AC5D6B0D4E18C4829C7B660B4
                                                        SHA1:2D3CA0E1F19EFDEB9B2DD3DCFFB17F8ABA118AA0
                                                        SHA-256:144524233F795D6A425B76F7AE5C0BB622B5F67E2E6AE73532AD526528CA07CF
                                                        SHA-512:295A21307D452F4BF51C62770C6A6B43CDB8B5A6BFA3617E068C8550285252B88F8BBF93A81C39E4BD7F73645EE094EDE0E2733DAFA5094E3EBAE20033363270
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/WebResource.axd?d=yfXejayQP4znoQO4Q-WuWPSNpyoJDwiwsvGNyHLDkV-PCUGEhfUGU0GUo6RpydbAZm4pVM6jMkiJTAk2fJp7MSpXra16O_3dfe89Y44574UNGtregrtcpIFs09dlI78n-7VGOm1MYkgpXZ10U0Gm3Q2&t=638478749639812753
                                                        Preview:function WebForm_FindFirstFocusableChild(control) {.. if (!control || !(control.tagName)) {.. return null;.. }.. var tagName = control.tagName.toLowerCase();.. if (tagName == "undefined") {.. return null;.. }.. var children = control.childNodes;.. if (children) {.. for (var i = 0; i < children.length; i++) {.. try {.. if (WebForm_CanFocus(children[i])) {.. return children[i];.. }.. else {.. var focused = WebForm_FindFirstFocusableChild(children[i]);.. if (WebForm_CanFocus(focused)) {.. return focused;.. }.. }.. } catch (e) {.. }.. }.. }.. return null;..}..function WebForm_AutoFocus(focusId) {.. var targetControl;.. if (__nonMSDOMBrowser) {.. targetControl = document.getElementById(focusId);.. }.. else {.. targetContro
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):405
                                                        Entropy (8bit):6.927238031773719
                                                        Encrypted:false
                                                        SSDEEP:6:6v/lhPGtyR8R/Chm+jnDs9cCXz6fXIpvI+WOcy0f11VTaENo+7PfW3e37zt1afwp:6v/7SyG/HYfXJOvU1zTa8o+W8
                                                        MD5:D4FFE61373F6AA32EEB8CA7CD41AB980
                                                        SHA1:4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674
                                                        SHA-256:D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
                                                        SHA-512:0F7EDE96F20BB3C053C246FFE1EF8CE739CEF7757FAAED031A365299B88664A046557C2C7FDB3BADED070BA4EBA1A14950D7E3A066B4976BF07142CEFA48BEEB
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/hip_speaker.png
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):36
                                                        Entropy (8bit):4.503258334775644
                                                        Encrypted:false
                                                        SSDEEP:3:Eq62iczBr9ks:EqdiczBys
                                                        MD5:06B313E93DD76909460FBFC0CD98CB6B
                                                        SHA1:C4F9B2BBD840A4328F85F54873C434336A193888
                                                        SHA-256:B4532478707B495D0BB1C21C314AEF959DD1A5E0F66E52DAD5FC332C8B697CBA
                                                        SHA-512:EFD7E8195D9C126883C71FED3EFEDE55916848B784F8434ED2677DF5004436F7EDE9F80277CB4675C4DEB8F243B2705A3806B412FAA8842E039E9DC467C11645
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmCAmly1gHbXRIFDdFbUVISBQ1Xevf9?alt=proto
                                                        Preview:ChgKDQ3RW1FSGgQIVhgCIAEKBw1Xevf9GgA=
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
                                                        Category:dropped
                                                        Size (bytes):24038
                                                        Entropy (8bit):5.992474931914016
                                                        Encrypted:false
                                                        SSDEEP:384:cLU4fKWVUvyZk56/1+fZfMj8hTb5nz0bnOWWWWWWWWWWWWWWWWWWWWWWWWWqvESs:cLxfKW6yZk8/iZfMjYxnzonm9MaKcuwW
                                                        MD5:877784A5F5808CEFA2B61E73BFCF8EAE
                                                        SHA1:6A0E7EDA2734D7BBBA3CE38D37B347DF001B1DBF
                                                        SHA-256:BE7F0632337BC381D4962125545A5CC3C1E84E2D03DBDB97AB3D79AD78B91B6D
                                                        SHA-512:DABFFC928F7ED2A2D05003DAEF643806BD1CEC6B98E705F7415A82AFE7034F4E1E8A70C5AE69B094A948EEDAB4E8B76DCF72DF881DA092FE4AB76DA0EEFB8C3C
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):26951
                                                        Entropy (8bit):4.514992390210281
                                                        Encrypted:false
                                                        SSDEEP:384:jMgviMjM4if38GmhXeC1QRwweTkBE9wbOY4Jf/JhRZ5h+73hNVt8oC4veONhLYVi:CLEiJSdo11vIYHqb5Klo8v
                                                        MD5:B3D7A123BE5203A1A3F0F10233ED373F
                                                        SHA1:F4C61F321D8F79A805B356C6EC94090C0D96215C
                                                        SHA-256:EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
                                                        SHA-512:A01BFE8546E59C8AF83280A795B3F56DFA23D556B992813A4EB70089E80621686C7B51EE87B3109502667CAF1F95CBCA074BF607E543A0390BF6F8BB3ECD992B
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/ScriptResource.axd?d=toY-xGLgNRMp8DvmwA1TquKcoJ63M_cuZ5JgxzWt9ClMkvhUKZCgrarPNsEuFNEcadvXW2fG2R9jPyWkIjURV0R3rstR8-gYWGtAa2gNs5GtZP42MZEwWOvqRS6DElp2Lx85avv2yXlUVL89z6fLsiNPiNVErN11dM-pHGijQpW8Abi7Z2Jf67nkX0GRoy7Ti38BLDX3qqBnOrnBOpAUUQ2&t=ffffffffa8ad04d3
                                                        Preview:var Page_ValidationVer = "125";..var Page_IsValid = true;..var Page_BlockSubmit = false;..var Page_InvalidControlToBeFocused = null;..var Page_TextTypes = /^(text|password|file|search|tel|url|email|number|range|color|datetime|date|month|week|time|datetime-local)$/i;..function ValidatorUpdateDisplay(val) {.. if (typeof(val.display) == "string") {.. if (val.display == "None") {.. return;.. }.. if (val.display == "Dynamic") {.. val.style.display = val.isvalid ? "none" : "inline";.. return;.. }.. }.. if ((navigator.userAgent.indexOf("Mac") > -1) &&.. (navigator.userAgent.indexOf("MSIE") > -1)) {.. val.style.display = "inline";.. }.. val.style.visibility = val.isvalid ? "hidden" : "visible";..}..function ValidatorUpdateIsValid() {.. Page_IsValid = AllValidatorsValid(Page_Validators);..}..function AllValidatorsValid(validators) {.. if ((typeof(validators) != "undefined") && (validators != null)) {
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):1498
                                                        Entropy (8bit):4.81759827491068
                                                        Encrypted:false
                                                        SSDEEP:24:UhvVovixQcvUvED/frfnQYRKYKvZiANncisDmZu7SECywEZS9Y6f:U7ZM8vbA3smgm89CywYkV
                                                        MD5:11FE4E6509513DB245F1F97E37C5D3AB
                                                        SHA1:05322C35B6BFAE84CE8C626BD7B1F8C4A6F15A6D
                                                        SHA-256:78D437B40A85299F96ED9D02E35F23FD3D3EF63D844D8D2523A15516F7E1D09C
                                                        SHA-512:E8A7C3B06C54B671FF6772D6A360DD0B4A65888B4DBD32AE04D14E4971343A71E1B4EC1E58BD45898744A1B0DF4EDE24141FF47E2C0393E18AACFC97E6F10D76
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/css/ltrStyle.css?v=1342177280
                                                        Preview:.paddingright { padding-right: 20px; }...paddingleft { padding-left: 20px; }...paddingright7 { padding-right: 7px; }...paddingleft7 { padding-left: 7px; }...paddingleft10 {padding-left: 10px; }...alignright { text-align: right; }...alignleft { text-align: left; }...leftalign {text-align: left; margin-left:0px;}.....borderRight {border-right: 1px solid black; padding: 0px;}.....userTypeRadioButtonMargin{margin-left: 10px; margin-top:50px;}...userVerificationInputLabel {text-align:left;padding-right: 10px;}...radioButtonMoreInformation { padding-left: 20px }.....header .logo{float:left; padding-left:30px;}.....HelpCallout td.PosRight{padding: 8px 0px 0px 0px; margin: 0px; vertical-align: top; font-size: 1px; border: none !important; background-color: transparent !important;}...HelpCallout td.PosRight > div{font-size: 1px; position: relative; left: 1px; border-bottom: none !important; border-right: none !important; border-left: none !important; width: 15px; background-color: transparent !
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592
                                                        Category:dropped
                                                        Size (bytes):621
                                                        Entropy (8bit):7.673946009263606
                                                        Encrypted:false
                                                        SSDEEP:12:Xp7fmqfW/e4YC2L0E5DZLB62y/+6lbPa1Gotq8mdd2Xmy2QLBwxD+QkCfBJ:Xp6qf2SCk3LBpy/rtPa1GKq8mOX5jLcD
                                                        MD5:4761405717E938D7E7400BB15715DB1E
                                                        SHA1:76FED7C229D353A27DB3257F5927C1EAF0AB8DE9
                                                        SHA-256:F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
                                                        SHA-512:E8DAC6F81EB4EBA2722E9F34DAF9B99548E5C40CCA93791FBEDA3DEBD8D6E401975FC1A75986C0E7262AFA1B9D1475E1008A89B92C8A7BEC84D8A917F221B4A2
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 352 x 3
                                                        Category:dropped
                                                        Size (bytes):3620
                                                        Entropy (8bit):6.867828878374734
                                                        Encrypted:false
                                                        SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                                        MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                        SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                        SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                        SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (39257), with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):40326
                                                        Entropy (8bit):5.245555585297941
                                                        Encrypted:false
                                                        SSDEEP:384:bvrc3TrJ1vMZCKZ4pLRy6DkfDLcbTzcXanT2rxb64aKQr1vySAwBaPUge6ydE:bTaYB4Hy7mTzcaTKStrwSAwBaPUTdE
                                                        MD5:DA9DC1C32E89C02FC1E9EEB7E5AAB91E
                                                        SHA1:3EFB110EFA6068CE6B586A67F87DA5125310BC30
                                                        SHA-256:398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
                                                        SHA-512:D4730EBC4CA62624B8300E292F27FD79D42A9277E409545DF7DC916189ED9DF13E46FAA37E3924B85A7C7EA8C76BF65A05ECA69B4029B550430536EC6DF8552A
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/ScriptResource.axd?d=aZLH4mSlwVT2bfQsqN_cSwyYyu3ks1oNtEUpMeosxjDyVX_6TB3IW5CEdatXFuv2I4zJTROm0VtmRKop2xS7bo0w-Iix-BcMl2_cNtK35bqyAoFbyXyvBqrmEkdN4A7rfIluoWj_uDzkv387yziPFleU1xPL4uvNI8i9rGQ3gLT9Eo-Z4-W34GRU8l-e4ISM3aOfMGbZKuDklekpBXyFblmjFoJXOxTzBgqF-kp9hX41&t=74258c30
                                                        Preview://----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjaxWebForms.js..Type._registerScript("MicrosoftAjaxWebForms.js",["MicrosoftAjaxCore.js","MicrosoftAjaxSerialization.js","MicrosoftAjaxNetwork.js","MicrosoftAjaxComponentModel.js"]);Type.registerNamespace("Sys.WebForms");Sys.WebForms.BeginRequestEventArgs=function(c,b,a){Sys.WebForms.BeginRequestEventArgs.initializeBase(this);this._request=c;this._postBackElement=b;this._updatePanelsToUpdate=a};Sys.WebForms.BeginRequestEventArgs.prototype={get_postBackElement:function(){return this._postBackElement},get_request:function(){return this._request},get_updatePanelsToUpdate:function(){return this._updatePanelsToUpdate?Array.clone(this._updatePanelsToUpdate):[]}};Sys.WebForms.BeginRequestEventArgs.registerClass("Sys.WebForms.BeginRequestEventArgs",Sys.EventArgs);Sys.WebForms.EndRequestEventArgs=fun
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                        Category:downloaded
                                                        Size (bytes):17174
                                                        Entropy (8bit):2.9129715116732746
                                                        Encrypted:false
                                                        SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                                                        MD5:12E3DAC858061D088023B2BD48E2FA96
                                                        SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                        SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                        SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):1561
                                                        Entropy (8bit):7.762338770217686
                                                        Encrypted:false
                                                        SSDEEP:48:c/CeK/fE+XoVldIkPdTWbuf173xX964boBdIhLE:ntcx/Iksbuf17f64borIK
                                                        MD5:8DC34013E911C5F68FC2BCA0400CB06F
                                                        SHA1:16BAFA91AF100D65C4945F04E0C6E1643B98CF00
                                                        SHA-256:795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
                                                        SHA-512:83ACA42A30BFD629BC1E88D3ED154475E7949C1B154D19E6C9EF1DE825BA7967C0B6DA9EE79E7B420668242CCE5931DF344C97278A254F0A72C3D09EABED6051
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://client.ppe.repmap.microsoft.com/Images/hipaudioplay.png?vv=100
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 223759
                                                        Category:downloaded
                                                        Size (bytes):54325
                                                        Entropy (8bit):7.996017457525811
                                                        Encrypted:true
                                                        SSDEEP:768:MBOXdNQNgHZp9Ga0EqoitKVFF9dMVtakANyFeDpz3ZSgaDpk4JGUISrX+pk7RU/P:bDQNg5pFneONYu9ZpfUv7+m7aITS2Du
                                                        MD5:799F880143F17E47C4EFDBB3FF35A54C
                                                        SHA1:8CECC74EB422322F78EDE1111F175A28725CCA9F
                                                        SHA-256:EA70CC2977F4DEB5236041A7A0628FA671FB8AD20A5E9E3FD6885A11359EF2FE
                                                        SHA-512:46E811AA3D03023596B47DB39B6FABCC1A4B7388C7F0A187A4C23B024695593702A70227F5B770174A258A265A48D4F87EF01281210229E51022E9BC6948214B
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced
                                                        Category:dropped
                                                        Size (bytes):405
                                                        Entropy (8bit):6.927238031773719
                                                        Encrypted:false
                                                        SSDEEP:6:6v/lhPGtyR8R/Chm+jnDs9cCXz6fXIpvI+WOcy0f11VTaENo+7PfW3e37zt1afwp:6v/7SyG/HYfXJOvU1zTa8o+W8
                                                        MD5:D4FFE61373F6AA32EEB8CA7CD41AB980
                                                        SHA1:4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674
                                                        SHA-256:D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
                                                        SHA-512:0F7EDE96F20BB3C053C246FFE1EF8CE739CEF7757FAAED031A365299B88664A046557C2C7FDB3BADED070BA4EBA1A14950D7E3A066B4976BF07142CEFA48BEEB
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (32044), with escape sequences
                                                        Category:downloaded
                                                        Size (bytes):76607
                                                        Entropy (8bit):5.230413548982788
                                                        Encrypted:false
                                                        SSDEEP:1536:YqCru+KdVtaAfwO9DvP0lgdJYgAloEFosc:l+otPf3vmgLYgAlojsc
                                                        MD5:AD58638ECA677AB0314B116D3194F27A
                                                        SHA1:66BF0499C3488B461ABD9C0ED62F8EC71A9594EA
                                                        SHA-256:4A8DF52B71E0FC738DA41E818F6B0E5E9D8FC116B65B56D017A237245B4383FA
                                                        SHA-512:8B1173C4C16AD10D69086F7B72C987764BA309FC1D159DFD01DB0812625E4C20F5266535518C57BAB687FDDA0A67A49B5BF370167B467CFC9CB83462065B5621
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/bluebird.min.js
                                                        Preview:/* @preserve. * The MIT License (MIT). * . * Copyright (c) 2013-2015 Petka Antonov. * . * Permission is hereby granted, free of charge, to any person obtaining a copy. * of this software and associated documentation files (the "Software"), to deal. * in the Software without restriction, including without limitation the rights. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell. * copies of the Software, and to permit persons to whom the Software is. * furnished to do so, subject to the following conditions:. * . * The above copyright notice and this permission notice shall be included in. * all copies or substantial portions of the Software.. * . * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE. * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER. * LIABILITY,
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (32003)
                                                        Category:downloaded
                                                        Size (bytes):52934
                                                        Entropy (8bit):5.494212213297392
                                                        Encrypted:false
                                                        SSDEEP:768:+FBlHIdBvhVwLE5P0HLSoUAmeZamJpLGgVI3g6BiZcRWN25WDv6:+pHIdBr0HLzsgVIw6QmWy
                                                        MD5:4D67885F1B4E62EB8854011C1965C951
                                                        SHA1:800369823C6E66E576464C51A74C658EF5399DB4
                                                        SHA-256:4D34FFB2BF8D2DF2EB7FFDDFD7DFFF419D601E21C4618F5A95CFF47FA0C21AC8
                                                        SHA-512:C78F1844BB6A3063C8EBE267157E34FAB1A0244C52356E36B6173D6074D9FAEA1CFAF82DF6EDDDFAEB37B42364BB68BE0737FF8F67E2C11BF7EAF92D0A84FCA7
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/aria-web-telemetry-2.7.1.min.js
                                                        Preview:var clienttelemetry_build;!function(e){e.version="2.7.1"}(clienttelemetry_build||(clienttelemetry_build={}));var Microsoft;!function(e){var t;!function(e){!function(e){e[e.BT_STOP=0]="BT_STOP",e[e.BT_STOP_BASE=1]="BT_STOP_BASE",e[e.BT_BOOL=2]="BT_BOOL",e[e.BT_UINT8=3]="BT_UINT8",e[e.BT_UINT16=4]="BT_UINT16",e[e.BT_UINT32=5]="BT_UINT32",e[e.BT_UINT64=6]="BT_UINT64",e[e.BT_FLOAT=7]="BT_FLOAT",e[e.BT_DOUBLE=8]="BT_DOUBLE",e[e.BT_STRING=9]="BT_STRING",e[e.BT_STRUCT=10]="BT_STRUCT",e[e.BT_LIST=11]="BT_LIST",e[e.BT_SET=12]="BT_SET",e[e.BT_MAP=13]="BT_MAP",e[e.BT_INT8=14]="BT_INT8",e[e.BT_INT16=15]="BT_INT16",e[e.BT_INT32=16]="BT_INT32",e[e.BT_INT64=17]="BT_INT64",e[e.BT_WSTRING=18]="BT_WSTRING",e[e.BT_UNAVAILABLE=127]="BT_UNAVAILABLE"}(e.BondDataType||(e.BondDataType={}));e.BondDataType;!function(e){e[e.MARSHALED_PROTOCOL=0]="MARSHALED_PROTOCOL",e[e.MAFIA_PROTOCOL=17997]="MAFIA_PROTOCOL",e[e.COMPACT_PROTOCOL=16963]="COMPACT_PROTOCOL",e[e.JSON_PROTOCOL=21322]="JSON_PROTOCOL",e[e.PRETTY_JSON_P
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
                                                        Category:downloaded
                                                        Size (bytes):673
                                                        Entropy (8bit):7.6596900876595075
                                                        Encrypted:false
                                                        SSDEEP:12:Xl0t8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:XFUVpkNK0Rwid81p6btk7LqZ6D
                                                        MD5:0E176276362B94279A4492511BFCBD98
                                                        SHA1:389FE6B51F62254BB98939896B8C89EBEFFE2A02
                                                        SHA-256:9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
                                                        SHA-512:8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 352 x 3
                                                        Category:dropped
                                                        Size (bytes):2672
                                                        Entropy (8bit):6.640973516071413
                                                        Encrypted:false
                                                        SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                                        MD5:166DE53471265253AB3A456DEFE6DA23
                                                        SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                        SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                        SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced
                                                        Category:dropped
                                                        Size (bytes):1805
                                                        Entropy (8bit):7.265265285391204
                                                        Encrypted:false
                                                        SSDEEP:24:oV1hpunQWwjx82lY2T32HEV8KJyJ3VAyKOGpxbAKJcyIXRP6VEBxX4pAE60KKAU9:4itNn2VMJ3R6breHDBBThFtYeD5B2
                                                        MD5:BC89C1FBFBC227DC5A7ED9B2797E240D
                                                        SHA1:8A9390297FDD0963C466CF2FD35D5B1F88A46B6A
                                                        SHA-256:744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
                                                        SHA-512:C18F6B22F4AC5040E3FEBE8034AD3A3A3EF32CF3384BE6C3144B2EB04080F03111743D5B30AF3A1343AFD68A20AAE5972422C724107243D00CD9CF263DDC10C7
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:JSON data
                                                        Category:dropped
                                                        Size (bytes):950
                                                        Entropy (8bit):4.48198966493377
                                                        Encrypted:false
                                                        SSDEEP:24:YE/O+si8Gv8+sarUM+sd+8sAIse/sv+sOd+sIM+sX+sxd+sBM+s7sarzsA6sa:YE2+sRp+sWUM+sd+8sAIse/sv+sOd+sd
                                                        MD5:9FCE93410EB828E0EDF41D3F021D93E2
                                                        SHA1:1584BC813F34E9B7356C6BD05CB2A14EC52E1590
                                                        SHA-256:F463580C98FD336D4E69E7DCA36CF345A81A5E402F61D9F870EAE9D8C4E59DE9
                                                        SHA-512:4683EAB5A623912C9684C67E49896C4C0F26C95D335898FEE201D6CB2FF4E2A4134F81903A333BF3C0E6F32A0F822A45BDFCBC613277F2B64CB483DE3173A32F
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview:{"tenant_discovery_endpoint":"https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration","api-version":"1.1","metadata":[{"preferred_network":"login.microsoftonline.com","preferred_cache":"login.windows.net","aliases":["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{"preferred_network":"login.partner.microsoftonline.cn","preferred_cache":"login.partner.microsoftonline.cn","aliases":["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{"preferred_network":"login.microsoftonline.de","preferred_cache":"login.microsoftonline.de","aliases":["login.microsoftonline.de"]},{"preferred_network":"login.microsoftonline.us","preferred_cache":"login.microsoftonline.us","aliases":["login.microsoftonline.us","login.usgovcloudapi.net"]},{"preferred_network":"login-us.microsoftonline.com","preferred_cache":"login-us.microsoftonline.com","aliases":["login-us.microsoftonline.com"]}]}
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text
                                                        Category:downloaded
                                                        Size (bytes):5917
                                                        Entropy (8bit):4.69790735551239
                                                        Encrypted:false
                                                        SSDEEP:96:fwJRr9ow695j18FtspFtQw+eP1SIww0/H+d9R4+d9RT6plh695gb+RbDnJDL:ojoBSm1nw5/elNlTrgbWbVDL
                                                        MD5:FEFF24EBCB6B9ECDDBE4EE081CEB9E3F
                                                        SHA1:1CBCBA2D7B11FBC8CEB1DB77C2E494ABF04702E9
                                                        SHA-256:A87D538EAFF9800A888EC6FD3138C08655CFECB4EBA2965F4B0EBACD751DEA8A
                                                        SHA-512:830D9C4AEA0EAFA0056EE575A53D11FF328DE4BB98D6D009ABCD93398F23674C2628E0F367FDE1C75A68AB3D0C06E87DC845822AFE3492DB2F70CCCD2FA64EFC
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/authRedirect.js
                                                        Preview:// Create the main myMSALObj instance.// configuration parameters are located at authConfig.js.const myMSALObj = new msal.PublicClientApplication(msalConfig);..let username = "";.let name = "";../**. * A promise handler needs to be registered for handling the. * response returned from redirect flow. For more information, visit:. * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/acquire-token.md. */.myMSALObj.handleRedirectPromise(). .then(handleResponse). .catch(function (error) {. console.error(error);. });..function selectAccount() {.. /**. * See here for more info on account retrieval: . * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Accounts.md. */.. const currentAccounts = myMSALObj.getAllAccounts();.. if (currentAccounts.length === 0) {. return;. } else if (currentAccounts.length > 1) {. // Add your account choosing logic here
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):1525
                                                        Entropy (8bit):4.80220321270831
                                                        Encrypted:false
                                                        SSDEEP:24:jQB6rLbbhhye8jDjpfj/MALSj0eajoq0MgV05SkuVTgEbwe/sT5wiMa3sr6sHr3H:j8eLrynvlwIeyoJMluVEE0B7srH
                                                        MD5:ACA0F1B02DC406E76DDC5F2BDEBEC6CE
                                                        SHA1:594C930BE86B8843377565E349D2A10F1755A13A
                                                        SHA-256:0446C6FD9AEB7DCD7CC089FA25323B1AE9AFA77B4CF8D4449F7D2D1B2467393A
                                                        SHA-512:06887860F73D38799FFF8BF5B2972160B68C303EC904813861190E9A8A6477E4D300882994D661FDFC118C408625C537D8B28287DC9941D50302BD91C88ED98F
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/js/Common.js
                                                        Preview:.....function GetCookieValue(cookieName)..{.. if (document.cookie == undefined || document.cookie == "").. return "";.... var name = cookieName + "=";.. var cookieArray = document.cookie.split(';');.. for (var i = 0; i < cookieArray.length; i++).. {.. var clientCookie = cookieArray[i].trim();.. if (clientCookie.indexOf(name) == 0).. {.. return clientCookie.substring(name.length, clientCookie.length);.. }.. }.. return "";..}....function DeleteCookie(name)..{.. if (GetCookieValue(name).length > 0).. {.. document.cookie = name + "=" + ";expires=Thu, 01 Jan 2000 00:00:01 GMT";.. }..}....function GetUserSessionData(key) {.. var sessionStorage = window.sessionStorage;.. if (sessionStorage[key] == null) {.. return "";.. }.. return sessionStorage.getItem(key);..}....function SetUserSessionData(key, value) {.. var sessionStorage = window.sessionStorage;.. sessionStorage.setItem(key, val
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 352 x 3
                                                        Category:downloaded
                                                        Size (bytes):2672
                                                        Entropy (8bit):6.640973516071413
                                                        Encrypted:false
                                                        SSDEEP:48:ZaOdwduTYPpS9pZy9vDNi1miicsvrJkafMiS+MGQ09DU/X9/4Xp6m5Z9SQcq:4CIuTYPpSTc9vcPZX9/2gzQ/
                                                        MD5:166DE53471265253AB3A456DEFE6DA23
                                                        SHA1:17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D
                                                        SHA-256:A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
                                                        SHA-512:80978C1D262BC225A8BA1758DF546E27B5BE8D84CBCF7E6044910E5E05E04AFFEFEC3C0DA0818145EB8A917E1A8D90F4BAC833B64A1F6DE97AD3D5FC80A02308
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):68
                                                        Entropy (8bit):4.625316929997096
                                                        Encrypted:false
                                                        SSDEEP:3:tpSf4Ck8efFlK5ly:tak8efFlyly
                                                        MD5:D1690731F22021E1466FBCD0DB6326EF
                                                        SHA1:78F95BA0B7F82BBB7067000242DE860594ABD9C3
                                                        SHA-256:490216DF4F089BB5C249BCF4034D0671254CA4236EC3ECA935AAC4B17E0FC7F3
                                                        SHA-512:10B3CE812684D28DC72B74BA220E9A0DEE38550D49D25BB40B9EEB8764EE386E5F530D28A5E7C8E159B5C672D85D8649B102F3F04BD96092F9787ACACA4DBDF1
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISLAnYh4U85ulXExIFDURbFPwSBQ2L4FIoEgUNxK_d4xIFDW1rCkoSBQ2VKJT-?alt=proto
                                                        Preview:CjEKCw1EWxT8GgQIZBgCCgcNi+BSKBoACgcNxK/d4xoACgcNbWsKShoACgcNlSiU/hoA
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:Unicode text, UTF-8 (with BOM) text
                                                        Category:downloaded
                                                        Size (bytes):20944
                                                        Entropy (8bit):4.673468839586194
                                                        Encrypted:false
                                                        SSDEEP:384:cYye9qLicBLDB6ahsoP7S6sEzkP3BYumjk2iPQ0Fsx:mMqucVDvst6C3BYumZiPQXx
                                                        MD5:BA4EF2A284E81C8E650D7D24836DE151
                                                        SHA1:D3CFCADAB80139821DC9937966D050BC363EDF88
                                                        SHA-256:8F13BC76D4DAD1F7AF06BF4B128B6722CC28102DF885CC8C82995F45FA2699CE
                                                        SHA-512:E1003C4A7B9C4B02801E6107F3ABE11E5E1E75F433D4E84564ECFC006B0C238FDB4EB55BF4208EBD457E701DB32B7F9AB589C2FC294FD54AB5C3F235B189FEA3
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/Shared.js
                                                        Preview:.//-----------------------------------------------------------------------.// <copyright file="Shared.js" company="Microsoft">.// Copyright (c) Microsoft. All rights reserved..// </copyright>.//-----------------------------------------------------------------------..// AppendErrorRecord and GetErrorRecord is the BVT support function..var ErrorRecord = "";.AppendErrorRecord = function(errorRecord).{. // Put the data in the top level windows ErrorRecord.. window.top.ErrorRecord = window.top.ErrorRecord + errorRecord;. return false;.};.window.onerror = AppendErrorRecord;..var GetErrorRecord = function() {. return window.top.ErrorRecord;.};..var Namespace =.{. Register: function (name) {. var chk = false;. var cob = "";. var spc = name.split(".");.. for (var i = 0; i < spc.length; i++) {. if (cob != "") {. cob += ".";. }. cob += spc[i];. chk = this.Exists(cob);. if (!chk)
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text
                                                        Category:downloaded
                                                        Size (bytes):15552
                                                        Entropy (8bit):5.120073135830247
                                                        Encrypted:false
                                                        SSDEEP:384:buDJx7izHSvAvWCFH3l+JAu0SfsJbAQleO7edgSLo:jWGl+JAu0SV0
                                                        MD5:DB380967AB8D1C2F67A4ABB023F77F9A
                                                        SHA1:55B1700ACF99074CD3214F06CD6C137508AA3550
                                                        SHA-256:A10DB5EB3C5E26FAAFE61C5DCCFE95A6A26C21C057C35733C819CB94FEA60B4C
                                                        SHA-512:D68C19CD1F29EBAA53900465DAE15B908919A086C012FCC2D0D54A8EE7104CEA8BDEF4A4952F1D07774761408A6983BACD2D3E6E6148BED17F4AF8FE98312EEB
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/en-US/Locp.Resource.js
                                                        Preview:Type.registerNamespace('Lcp');.Lcp.Strings = function Lcp_Strings() {}.Lcp.Strings.registerClass('Lcp.Strings');.Lcp.Strings.language_AR_SA = 'Arabic \x28Saudi Arabia\x29';.Lcp.Strings.language_AR_EG = 'Arabic \x28Egypt\x29';.Lcp.Strings.language_BG_BG = 'Bulgarian \x28Bulgaria\x29';.Lcp.Strings.language_CA_ES = 'Catalan \x28Catalan\x29';.Lcp.Strings.language_CS_CZ = 'Czech \x28Czech Republic\x29';.Lcp.Strings.language_DA_DK = 'Danish \x28Denmark\x29';.Lcp.Strings.language_DE_DE = 'German \x28Germany\x29';.Lcp.Strings.language_EL_GR = 'Greek \x28Greece\x29';.Lcp.Strings.language_EN_AU = 'English \x28Australia\x29';.Lcp.Strings.language_EN_CA = 'English \x28Canada\x29';.Lcp.Strings.language_EN_GB = 'English \x28United Kingdom\x29';.Lcp.Strings.language_EN_IN = 'English \x28India\x29';.Lcp.Strings.language_EN_US = 'English \x28United States\x29';.Lcp.Strings.language_ES_ES = 'Spanish \x28Spain\x29';.Lcp.Strings.language_ES_MX = 'Spanish \x28Mexico\x29';.Lcp.Strings.language_ET_EE = 'Esto
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):46376
                                                        Entropy (8bit):4.760560792293901
                                                        Encrypted:false
                                                        SSDEEP:768:QgRN7ChZGd/5zEhQ49zXWV/eTSLtiMK7OQyOYZ:V1d/5edgVrlH
                                                        MD5:DBFAC7887A157C9B73DC42927FC15B74
                                                        SHA1:435FD188BF66F0207EEB298DD13228D17D36E4D1
                                                        SHA-256:FC66E3943BC6EDC7B1F79D952D31DABCBA3BD576190DEEB9A7518CEE6B75C5A1
                                                        SHA-512:C1918B35A03BD2110C2CB4EAD140BA342C54EE7BEE2C1E4B6582B56B86DA93AECDDA92DA626C7B15BDEBC067893ACD354919495551E71EE0C9D5993B43433958
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/js/Webtrends.js
                                                        Preview:// WebTrends SmartSource Data Collector Tag..// Version: 8.6.2..// MS Version: 3.2.5..// Tag Builder Version: 3.0..// Created: 04/01/2011..function WebTrends() {.. var that = this;.. if (typeof (gDcsId) != "undefined" && gDcsId) this.dcsid = gDcsId;.. else this.dcsid = "not_a_valid_dcsid";.. if (typeof (gDomain) != "undefined" && gDomain) this.domain = gDomain;.. else this.domain = "m.webtrends.com";.. if (typeof (gTimeZone) != "undefined" && gTimeZone) this.timezone = gTimeZone;.. else this.timezone = -8;.. if (typeof (gFpcDom) != "undefined" && gFpcDom) this.fpcdom = gFpcDom;.. else {.. if (/microsoft.com$/.test(window.location.hostname)) {.. this.fpcdom = ".microsoft.com";.. } else {.. this.fpcdom = window.location.hostname;.. }.. }.. if (typeof (gOffsite) != "undefined" && gOffsite).. if (gOffsite == true || gOffsite == "true") this.fpcdom = "";.. this.navigationtag = "div,table";.. if (typeof
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 22 x 22
                                                        Category:downloaded
                                                        Size (bytes):478
                                                        Entropy (8bit):7.072122642964318
                                                        Encrypted:false
                                                        SSDEEP:12:d44xCq3nQQ5Q36sd0Tc/ET4Io9yjPy00EjNF8:d40CqXQQ5E69qEkI4Wy0lNF8
                                                        MD5:309B41EE7A44BD51E5D1B52CCC620E5B
                                                        SHA1:B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08
                                                        SHA-256:F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
                                                        SHA-512:9279138126F8FEDD3AEF32BA4BCD78D3D26BBD4E7DE6F3B21014B96C34D7E69BC4C6471CC94772346CB6C7F9020EB5FE1A3A96686A5B250F5CCDEE54A0936F4D
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/hip_text.gif
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
                                                        Category:dropped
                                                        Size (bytes):91302
                                                        Entropy (8bit):5.083847889045784
                                                        Encrypted:false
                                                        SSDEEP:1536:59iJX9Lgm9iJX9Lgm9iJX9Lg/jHXZwuumF:54p4p4qXZwuumF
                                                        MD5:2B4509D8A869917BBC5CE10982956619
                                                        SHA1:DC21BD40ED9B873779F855026F253BDD3322723D
                                                        SHA-256:397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822
                                                        SHA-512:2D0A54E85C7BBDD653B1557A3741D44B621876503D6E8B8CFD5FC6BD3047E28B9702DFB132474DD3981174D96F994B46083008A327646C8D16467E80DA164BAB
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced
                                                        Category:downloaded
                                                        Size (bytes):1805
                                                        Entropy (8bit):7.265265285391204
                                                        Encrypted:false
                                                        SSDEEP:24:oV1hpunQWwjx82lY2T32HEV8KJyJ3VAyKOGpxbAKJcyIXRP6VEBxX4pAE60KKAU9:4itNn2VMJ3R6breHDBBThFtYeD5B2
                                                        MD5:BC89C1FBFBC227DC5A7ED9B2797E240D
                                                        SHA1:8A9390297FDD0963C466CF2FD35D5B1F88A46B6A
                                                        SHA-256:744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
                                                        SHA-512:C18F6B22F4AC5040E3FEBE8034AD3A3A3EF32CF3384BE6C3144B2EB04080F03111743D5B30AF3A1343AFD68A20AAE5972422C724107243D00CD9CF263DDC10C7
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/header_microsoft.png
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55071
                                                        Category:downloaded
                                                        Size (bytes):15799
                                                        Entropy (8bit):7.985179973188672
                                                        Encrypted:false
                                                        SSDEEP:384:UwXl87i4naaFtPESJ2DWOq1IcQS0SL7EOONPk:UwXW7i4naTSOAszOG8
                                                        MD5:978A6C1AA934E5B1C5320D515FD25662
                                                        SHA1:64636EF3E1AD607F095DBA6CB01447AC133B483D
                                                        SHA-256:D1963B1837F4087E988FD18BB4CF25B38D61D675C4B6A6FC01158BD39945F10A
                                                        SHA-512:411A51CC19890DC5B27E4800E5BB4BFB4D0E3DC076010C6AB8B10396524F4C996D86420888AF3A1632D5FB281CEB4373C18B0EEFC9F8A84AA59D295450393DA7
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l2bvdjfwt697xziuhxpwsg2.js
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 22 x 22
                                                        Category:dropped
                                                        Size (bytes):478
                                                        Entropy (8bit):7.072122642964318
                                                        Encrypted:false
                                                        SSDEEP:12:d44xCq3nQQ5Q36sd0Tc/ET4Io9yjPy00EjNF8:d40CqXQQ5E69qEkI4Wy0lNF8
                                                        MD5:309B41EE7A44BD51E5D1B52CCC620E5B
                                                        SHA1:B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08
                                                        SHA-256:F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
                                                        SHA-512:9279138126F8FEDD3AEF32BA4BCD78D3D26BBD4E7DE6F3B21014B96C34D7E69BC4C6471CC94772346CB6C7F9020EB5FE1A3A96686A5B250F5CCDEE54A0936F4D
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text
                                                        Category:downloaded
                                                        Size (bytes):2200
                                                        Entropy (8bit):4.402022631601752
                                                        Encrypted:false
                                                        SSDEEP:48:cGw0Gke9tFADdqCqHviSRU+v2eR0TeRHeR4RiCyv3VEf9Le9tqvkY:HGP9LATqPiSkeaTeBeYiCyvlQC988Y
                                                        MD5:BDEF8D572912B56F73D617F662C56FC6
                                                        SHA1:73E9ACD753C1FD8946484E9A7D2A50083992543B
                                                        SHA-256:74D1BBC799DAA1175D0EB25D2DC8BD7305D4BA79D535A9CE68883392FF5A1A95
                                                        SHA-512:8350B71146F2D1E67BD601E38AE09CFD48910B598C694BFAE887B0CBAF872CA7ABF4FEDFBC636865B8D4DACB35EEC711DFC7F067FFBA694448C522BB773FEBE3
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/authConfig.js
                                                        Preview:/**. * Configuration object to be passed to MSAL instance on creation. . * For a full list of MSAL.js configuration parameters, visit:. * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/configuration.md . */.const msalConfig = {. auth: {. clientId: window.aadAppId,. authority: window.authorityUri,. redirectUri: window.aadAppRedirectUri. },. cache: {. cacheLocation: "sessionStorage", // This configures where your cache will be stored. storeAuthStateInCookie: true // Set this to "true" if you are having issues on IE11 or Edge. },. system: {. loggerOptions: {. loggerCallback: function (level, message, containsPii) {. if (containsPii) {. return;. }. switch (level) {. case msal.LogLevel.Error:. console.error(message);. return;. c
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 24 x 24
                                                        Category:downloaded
                                                        Size (bytes):2463
                                                        Entropy (8bit):6.994052150121201
                                                        Encrypted:false
                                                        SSDEEP:48:H0itvnLUG0J3nL8VO2ocia6Dk4MAbpGW4YBE/2p:HfNmT2QDnMAbsWTp
                                                        MD5:93DE6FB07C1382459E473381DA5D0E7E
                                                        SHA1:4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A
                                                        SHA-256:E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
                                                        SHA-512:B415DE10B55639DD5DFDD038FD490B675059122373659DD86AA00EBC7F6735FD22360264226F8675741FB76F3B3A16E9AB7FA907F489B377EF16E9222AA26E3B
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/images/wait_animation.gif
                                                        Preview:GIF89a.............!..NETSCAPE2.0.....!..XMP DataXMP<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.0-c060 61.134777, 2010/02/12-17:32:00 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:BCB95722648AE111A86BB806ED51E581" xmpMM:DocumentID="xmp.did:185F1A028B0511E19AA1A07B5BDC793D" xmpMM:InstanceID="xmp.iid:185F1A018B0511E19AA1A07B5BDC793D" xmp:CreatorTool="Adobe Photoshop CS5 Windows"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:D7EC7F987A8AE111A86BB806ED51E581" stRef:documentID="xmp.did:BCB95722648AE111A86BB806ED51E581"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>......................................................................................................
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:HTML document, ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):15129
                                                        Entropy (8bit):4.535161701315701
                                                        Encrypted:false
                                                        SSDEEP:192:7ZtYOSzg+VZcFatnNv5giHAf1pEx4wQ/K:7ZpSPcFbLEx47S
                                                        MD5:19759EBDB2B2112C98FC35E1D8A7A04C
                                                        SHA1:AD5E4DE4BFBE2916C415AF62D12DA4B511EFF04D
                                                        SHA-256:2957AABA716D164317011B321ECEBD2ECECA1A68C07AA097EDC830AA2D68DDBE
                                                        SHA-512:0A54CF5DD865365824BD45254DDD3120BCFD58EFB82E5712B8D396902E7DF1F11971530EC3DB25F5D549A3337810B340E18940CA160CED7FF99005AA07394132
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/usp/voicemail
                                                        Preview:<!doctype html>..<html>..<head>.. <base href="/usp/">.. <meta charset="utf-8">.. <meta name="viewport" content="width=device-width, initial-scale=1">.. <title>User Settings Portal</title>.. <link rel="stylesheet" href="https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/bootstrap.min.css" />.. <link rel="stylesheet" href="https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/font-awesome.min.css" />.. <script type="text/javascript" src="https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/MicrosoftAjax.js"></script>.. <script type="text/javascript" src="https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/Shared.js"></script>.. <script type="text/javascript" src="https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/Shell.js"></script>.. <script type="text/javascript" src="https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/asse
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (65447)
                                                        Category:downloaded
                                                        Size (bytes):89501
                                                        Entropy (8bit):5.289893677458563
                                                        Encrypted:false
                                                        SSDEEP:1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn
                                                        MD5:8FB8FEE4FCC3CC86FF6C724154C49C42
                                                        SHA1:B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4
                                                        SHA-256:FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
                                                        SHA-512:F3DE1813A4160F9239F4781938645E1589B876759CD50B7936DBD849A35C38FFAED53F6A61DBDD8A1CF43CF4A28AA9FFFBFDDEEC9A3811A1BB4EE6DF58652B31
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js
                                                        Preview:/*! jQuery v3.6.0 | (c) OpenJS Foundation and other contributors | jquery.org/license */.!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],r=Object.getPrototypeOf,s=t.slice,g=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},x=function(e){return null!=e&&e===e.window},E=C.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}funct
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864
                                                        Category:dropped
                                                        Size (bytes):673
                                                        Entropy (8bit):7.6596900876595075
                                                        Encrypted:false
                                                        SSDEEP:12:Xl0t8TUViiYi5m6FhSBXWPsigK99WCqKMvBBFThSqfLd81CK6bC+k7LqZLsFlD:XFUVpkNK0Rwid81p6btk7LqZ6D
                                                        MD5:0E176276362B94279A4492511BFCBD98
                                                        SHA1:389FE6B51F62254BB98939896B8C89EBEFFE2A02
                                                        SHA-256:9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
                                                        SHA-512:8D61C9E464C8F3C77BF1729E32F92BBB1B426A19907E418862EFE117DBD1F0A26FCC3A6FE1D1B22B836853D43C964F6B6D25E414649767FBEA7FE10D2048D7A1
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 352 x 3
                                                        Category:downloaded
                                                        Size (bytes):3620
                                                        Entropy (8bit):6.867828878374734
                                                        Encrypted:false
                                                        SSDEEP:48:ZumKaT5ezv47j2/ZiRDlq16x8XvEUcg777shHdpHVGJqFd:Eal647jPDlL8XvEUcg77kVGyd
                                                        MD5:B540A8E518037192E32C4FE58BF2DBAB
                                                        SHA1:3047C1DB97B86F6981E0AD2F96AF40CDF43511AF
                                                        SHA-256:8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
                                                        SHA-512:E3612D9E6809EC192F6E2D035290B730871C269A267115E4A5515CADB7E6E14E3DD4290A35ABAA8D14CF1FA3924DC76E11926AC341E0F6F372E9FC5434B546E5
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
                                                        Category:dropped
                                                        Size (bytes):17174
                                                        Entropy (8bit):2.9129715116732746
                                                        Encrypted:false
                                                        SSDEEP:24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO
                                                        MD5:12E3DAC858061D088023B2BD48E2FA96
                                                        SHA1:E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5
                                                        SHA-256:90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
                                                        SHA-512:C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:JSON data
                                                        Category:downloaded
                                                        Size (bytes):1547
                                                        Entropy (8bit):4.63779068711367
                                                        Encrypted:false
                                                        SSDEEP:48:Ye2+seQykaO+sMzcijLiDT4+sOJhKdZKA2+sL32+s92+sPmoy04jl2+sv4szmZY7:ppseXXxsMzjSsOKHLpsTps9psPA06pst
                                                        MD5:3E2129EC7EE0D22D5874D661893921C0
                                                        SHA1:E6B20A5603F8B9292D46E2A74E32D1DDC6229196
                                                        SHA-256:C45868384DFD77121A6D62BA32304628C211FDC6D471CB985348D731890B6E96
                                                        SHA-512:77A8919A97B102AA90D47C0C34A40FC82ABC491CBF4D7C4BC5649E5D8ED504BAA088003521AF68DD8B23DE7DD61257A7E9A72FE6AB841C827639DD13CF8D30EA
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
                                                        Preview:{"token_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/token","token_endpoint_auth_methods_supported":["client_secret_post","private_key_jwt","client_secret_basic"],"jwks_uri":"https://login.microsoftonline.com/common/discovery/v2.0/keys","response_modes_supported":["query","fragment","form_post"],"subject_types_supported":["pairwise"],"id_token_signing_alg_values_supported":["RS256"],"response_types_supported":["code","id_token","code id_token","id_token token"],"scopes_supported":["openid","profile","email","offline_access"],"issuer":"https://login.microsoftonline.com/{tenantid}/v2.0","request_uri_parameter_supported":false,"userinfo_endpoint":"https://graph.microsoft.com/oidc/userinfo","authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/authorize","device_authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/devicecode","http_logout_supported":true,"frontchannel_logout_supported":true,"end_session_endpoint":"https:/
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):23063
                                                        Entropy (8bit):4.7535440881548165
                                                        Encrypted:false
                                                        SSDEEP:384:GvUzYI+Vi4g1V5it1ONhA6w+Kv8i/4CYzLKL4DrLU0iTxZTAzIzrwDlTWMClQip9:bkON69kClQq8hDRJHp2tWU25Zt/gREVG
                                                        MD5:90EA7274F19755002360945D54C2A0D7
                                                        SHA1:647B5D8BF7D119A2C97895363A07A0C6EB8CD284
                                                        SHA-256:40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
                                                        SHA-512:7474667800FF52A0031029CC338F81E1586F237EB07A49183008C8EC44A8F67B37E5E896573F089A50283DF96A1C8F185E53D667741331B647894532669E2C07
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/WebResource.axd?d=2_9P-7FWCwUTw0t6PZgNgil7QYOdZv7mV3mTzPl_abY06iJhav3EeS0t3M_odI-eZMnD5CNzdW6tfsv0h7u9R5JWbOmxe47Usx_LRUKjpGi5F2_U3VOPZAXsUn8Iz933LGYQB0e77hidpcjWqh1nCg2&t=638478749639812753
                                                        Preview:function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) {.. this.eventTarget = eventTarget;.. this.eventArgument = eventArgument;.. this.validation = validation;.. this.validationGroup = validationGroup;.. this.actionUrl = actionUrl;.. this.trackFocus = trackFocus;.. this.clientSubmit = clientSubmit;..}..function WebForm_DoPostBackWithOptions(options) {.. var validationResult = true;.. if (options.validation) {.. if (typeof(Page_ClientValidate) == 'function') {.. validationResult = Page_ClientValidate(options.validationGroup);.. }.. }.. if (validationResult) {.. if ((typeof(options.actionUrl) != "undefined") && (options.actionUrl != null) && (options.actionUrl.length > 0)) {.. theForm.action = options.actionUrl;.. }.. if (options.trackFocus) {.. var lastFocus = theForm.elements["__LASTFOCUS"];.. if ((typeo
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
                                                        Category:downloaded
                                                        Size (bytes):91302
                                                        Entropy (8bit):5.083847889045784
                                                        Encrypted:false
                                                        SSDEEP:1536:59iJX9Lgm9iJX9Lgm9iJX9Lg/jHXZwuumF:54p4p4qXZwuumF
                                                        MD5:2B4509D8A869917BBC5CE10982956619
                                                        SHA1:DC21BD40ED9B873779F855026F253BDD3322723D
                                                        SHA-256:397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822
                                                        SHA-512:2D0A54E85C7BBDD653B1557A3741D44B621876503D6E8B8CFD5FC6BD3047E28B9702DFB132474DD3981174D96F994B46083008A327646C8D16467E80DA164BAB
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/favicon.ico
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113084
                                                        Category:downloaded
                                                        Size (bytes):20314
                                                        Entropy (8bit):7.979540464295058
                                                        Encrypted:false
                                                        SSDEEP:384:ekqQ8rNFEhCgMyL2iww6oIR8mWG+Pu9Z5IM6mxqrghTvUty7T9Q:9CGEiL/w7R8DW9Z5B6AasTv37T9Q
                                                        MD5:92A840DC3D177339DAE03FEDF22A22B5
                                                        SHA1:C1C9A6E6442388D07A9D9D72C12DA25094D6920F
                                                        SHA-256:4A986BA8875F22A0EABC356112A6790F90E114ADB72EAEC4632E03812EC1EDE4
                                                        SHA-512:98C705395DD249501D8069A03E0068BC9CCF4F2D139BEC63A00564C69CD21C05CB25CF56BA7B40822963737989D5048AD310E20D6022E84346C982CFCEF79E11
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (65291)
                                                        Category:downloaded
                                                        Size (bytes):97898
                                                        Entropy (8bit):5.313972486876151
                                                        Encrypted:false
                                                        SSDEEP:384:oe7fwPxF9aWzSJiCwE9M2VGJqiU2cZlR8iFzSDr+wF8pHBsbeJxRS6tShRxqr3XJ:oe7LxjwZCjcRCMHssnU6oYDE4n7k3
                                                        MD5:7729CA22266062FAD76102797EBB4CF5
                                                        SHA1:9C3014D32B6867B42AB4930C39FC035D132C22E6
                                                        SHA-256:9496EA29BF4941907CCDF6E5D152CEB1505A6801D5DEEF1BC51F1DEABC3016FA
                                                        SHA-512:DDB04DC9096949E1275A97560931ECC6ED95CF34DE7AE4C1D6DB526C509A9DA460979597B419F641C34667AD6F25565F5AEB965BF65945D52737E1E3528D5E0D
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/fabric.min.css
                                                        Preview:/* Copyright (c) Microsoft. All rights reserved. Licensed under the MIT license. See LICENSE in the project root for license information. */../**. * Office UI Fabric 2.1.0. * The front-end framework for building experiences for Office 365.. **/..ms-font-su,.ms-font-xl,.ms-font-xxl{font-family:'Segoe UI Light WestEuropean','Segoe UI Light','Segoe UI',Tahoma,Arial,sans-serif;font-weight:400;color:#333}.ms-u-slideLeftIn40,.ms-u-slideRightIn40{-webkit-animation-timing-function:cubic-bezier(.1,.9,.2,1)}.ms-Grid-row:after,.ms-Grid:after,.ms-u-clearfix:after{clear:both}.ms-Grid,.ms-Grid-col,.ms-Grid-row,.ms-u-borderBox,.ms-u-borderBox:after,.ms-u-borderBox:before,.ms-u-normalize{box-sizing:border-box}.ms-u-clearfix:after,.ms-u-clearfix:before{display:table;content:'';line-height:0}.ms-Icon,.ms-Icon--circle{display:inline-block;-webkit-font-smoothing:antialiased}.ms-u-normalize{margin:0;padding:0;box-shadow:none}.ms-bgColor-themeDark,.ms-bgColor-themeDark--hover:hover{background-color:#005a9e}
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:GIF image data, version 89a, 24 x 24
                                                        Category:dropped
                                                        Size (bytes):2463
                                                        Entropy (8bit):6.994052150121201
                                                        Encrypted:false
                                                        SSDEEP:48:H0itvnLUG0J3nL8VO2ocia6Dk4MAbpGW4YBE/2p:HfNmT2QDnMAbsWTp
                                                        MD5:93DE6FB07C1382459E473381DA5D0E7E
                                                        SHA1:4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A
                                                        SHA-256:E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
                                                        SHA-512:B415DE10B55639DD5DFDD038FD490B675059122373659DD86AA00EBC7F6735FD22360264226F8675741FB76F3B3A16E9AB7FA907F489B377EF16E9222AA26E3B
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113657
                                                        Category:downloaded
                                                        Size (bytes):35813
                                                        Entropy (8bit):7.9933603091137355
                                                        Encrypted:true
                                                        SSDEEP:768:GuwXn8kBZAqgpsnCq63v9K6eodOamRz3YkdBSqwSsg84Yk5RFB6:Jc8kBBnChQodOamRz3YQFSLk3q
                                                        MD5:57911010756C90D58754C91EF1EE2765
                                                        SHA1:BAA48FEF4866D7DAFD9F59417745EE838F0E63CA
                                                        SHA-256:87C5385BA17F84CC25FB7BBE1EDB4169BC702842BD74B758ACDC130986D55BC2
                                                        SHA-512:FF5A7B638CD9117C89C277F6846506D41768D3A30F81B63768379294160AEE89F0D60E853F938D28A654226E18FE3389808ECCDA7D106F76EBE95A53A00DD560
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced
                                                        Category:dropped
                                                        Size (bytes):4020
                                                        Entropy (8bit):7.929907559552797
                                                        Encrypted:false
                                                        SSDEEP:96:1X+Yg6Iet+ZpBmQKEuhA/4oJqNoCkQV+CX8h:Fg69t+YfPhEBPnC+t
                                                        MD5:36AFB641BECFAD75FED5F4E6E8C39268
                                                        SHA1:2495652F017B7A06D796AFE9C4A06ECD54F9CCFE
                                                        SHA-256:5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
                                                        SHA-512:08C27020CF80A181B941EE144090FFBDD12ED34BA8CBEC037ACECE63F850FF8A69BE6DDB0EC24F7141C46F27779ED59AF84A55FB367C1B6F8893B444F44C5AF5
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (28900)
                                                        Category:downloaded
                                                        Size (bytes):29063
                                                        Entropy (8bit):4.755267089852831
                                                        Encrypted:false
                                                        SSDEEP:384:Uu5yWeTUKW+KlkJ5de2UYDyVfwYUas8l8yQ/8dwwdG:flr+Klk3Yi+fwYUf8l8yQ/eC
                                                        MD5:4083F5D376EB849A458CC790B53BA080
                                                        SHA1:FB5B49426DEE7F1508500E698D1B3C6B04C8FCCE
                                                        SHA-256:008A1D103902F15FDB1C191FCB1CE8954330E7B8DE43D09ABB08555BA609F420
                                                        SHA-512:E2E1991E96C3962371880BFF43364DA3FC9BD85B405FEAA20DBEF2A415A211D2505FC3EE829F0CEA297949190DF2342B0CB5AC877AEB3C349745FDC3C0560CEA
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/css/font-awesome.min.css
                                                        Preview:/*!. * Font Awesome 4.6.3 by @davegandy - http://fontawesome.io - @fontawesome. * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License). */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.6.3');src:url('../fonts/fontawesome-webfont.eot?#iefix&v=4.6.3') format('embedded-opentype'),url('../fonts/fontawesome-webfont.woff2?v=4.6.3') format('woff2'),url('../fonts/fontawesome-webfont.woff?v=4.6.3') format('woff'),url('../fonts/fontawesome-webfont.ttf?v=4.6.3') format('truetype'),url('../fonts/fontawesome-webfont.svg?v=4.6.3#fontawesomeregular') format('svg');font-weight:normal;font-style:normal}.fa{display:inline-block;font:normal normal normal 14px/1 FontAwesome;font-size:inherit;text-rendering:auto;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.fa-lg{font-size:1.33333333em;line-height:.75em;vertical-align:-15%}.fa-2x{font-size:2em}.fa-3x{font-size:3em}.fa-4x{font-size:4em}.fa-5x{font-size:5em}.fa-fw{width:1.
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (65329), with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):102801
                                                        Entropy (8bit):5.336080509196147
                                                        Encrypted:false
                                                        SSDEEP:1536:MGLiogSomRYvoGtT+KHsVS0bT79DSsi46j/LPyR7kbE:MGLXGFKT79DSs6WCE
                                                        MD5:C89EAA5B28DF1E17376BE71D71649173
                                                        SHA1:2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD
                                                        SHA-256:66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
                                                        SHA-512:B73D56304986CD587DA17BEBF21341B450D41861824102CC53885D863B118F6FDF2456B20791B9A7AE56DF91403F342550AF9E46F7401429FBA1D4A15A6BD3C0
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/ScriptResource.axd?d=rKi1V3VGNYf9Wo4eEjkaEPP-kuASnqlHGD20Welj7KIV3NdO7hWPWT2YNjz_Q67962GGuvSh9a2PBU49MfN31fzXjV7ZIVY8eQeKVfB1MXjxEwjK0MQUJ5A91IX5rub-JCkN4CeWiYuq_NMtX7gL4aLMC2zrA36YBRqcyp19QBnvqBNTHSWUbFlRe3ATp36Z2fLUjTpPRNCswW2M9TrU0Mn0MXArQ5Sm_nIYwJwUU_w1&t=74258c30
                                                        Preview://----------------------------------------------------------..// Copyright (C) Microsoft Corporation. All rights reserved...//----------------------------------------------------------..// MicrosoftAjax.js..Function.__typeName="Function";Function.__class=true;Function.createCallback=function(b,a){return function(){var e=arguments.length;if(e>0){var d=[];for(var c=0;c<e;c++)d[c]=arguments[c];d[e]=a;return b.apply(this,d)}return b.call(this,a)}};Function.createDelegate=function(a,b){return function(){return b.apply(a,arguments)}};Function.emptyFunction=Function.emptyMethod=function(){};Function.validateParameters=function(c,b,a){return Function._validateParams(c,b,a)};Function._validateParams=function(g,e,c){var a,d=e.length;c=c||typeof c==="undefined";a=Function._validateParameterCount(g,e,c);if(a){a.popStackFrame();return a}for(var b=0,i=g.length;b<i;b++){var f=e[Math.min(b,d-1)],h=f.name;if(f.parameterArray)h+="["+(b-d+1)+"]";else if(!c&&b>=d)break;a=Function._validateParameter(g[b],f
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):2347
                                                        Entropy (8bit):5.290031538794594
                                                        Encrypted:false
                                                        SSDEEP:48:gCgF0+kNL5iQ6+GhB+SYWzGuesAFcsGJOzgO6FIEv+sj+M++sx+suse+swsosmC0:gC3Na5+GX+Ti2XsYE2sqAsosushswsoB
                                                        MD5:E86EF8B6111E5FB1D1665BCDC90888C9
                                                        SHA1:994BF7651CB967CD9053056AF2D69ACB74DB7F29
                                                        SHA-256:3410242720DE50B090D07A23AEE2DAD879B31D36F2615732962EC4CFA8A9D458
                                                        SHA-512:2486B491681EE91A9CD1ECC9AA011A3FB34B48358C5D7A4D503A5357BC5CE4CA22999F918D40AC60A3063940D5F326FC7E4E5713D89D5C102DE68824E371B3AB
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://login.live.com/Me.htm?v=3
                                                        Preview:<script type="text/javascript">!function(n,t){for(var e in t)n[e]=t[e]}(this,function(n){function t(i){if(e[i])return e[i].exports;var s=e[i]={exports:{},id:i,loaded:!1};return n[i].call(s.exports,s,s.exports,t),s.loaded=!0,s.exports}var e={};return t.m=n,t.c=e,t.p="",t(0)}([function(n,t){function e(n){for(var t=g[c],e=0,i=t.length;e<i;++e)if(t[e]===n)return!0;return!1}function i(n){if(!n)return null;for(var t=n+"=",e=document.cookie.split(";"),i=0,s=e.length;i<s;i++){var o=e[i].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===o.indexOf(t))return o.substring(t.length)}return null}function s(n,t,e){if(n)for(var i=n.split(":"),s=null,o=0,a=i.length;o<a;++o){var l=null,c=i[o].split("$");if(0===o&&(s=parseInt(c.shift()),!s))return;var p=c.length;if(p>=1){var f=r(s,c[0]);if(!f||e[f])continue;l={signInName:f,idp:"msa",isSignedIn:!0}}if(p>=3&&(l.firstName=r(s,c[1]),l.lastName=r(s,c[2])),p>=4){var g=c[3],m=g.split("|");l.otherHashedAliases=m}if(p>=5){var h=parseInt(c[4],16);h&&(l.
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:HTML document, Unicode text, UTF-8 text, with very long lines (941), with CRLF line terminators
                                                        Category:dropped
                                                        Size (bytes):51589
                                                        Entropy (8bit):4.644529254231268
                                                        Encrypted:false
                                                        SSDEEP:768:3VBsTAGxc6wIR4L5IBRe7RMCb9llQfWGfAlBRsYXzrSSl:3V+FrRvBRe7eCnlQfWGfAlBRsYX6Sl
                                                        MD5:929B21F108C4F46AE8E5588258652D94
                                                        SHA1:A4FD35F93DC186DED41CB3EFEBE8EC8A82EA54BF
                                                        SHA-256:1F605F99E25FF7BAC8D672C6A0C12AF2E49357D7F0F88A8BDDEAEFA2852F7513
                                                        SHA-512:2EFC1ABD74846527BC40C351ED912C4DEC5EEC6C7585F11BCC82AE28F0F618C699EE123F19F394F1FA70A7C993FDC8C470DEFD0506F23746147E12ED2E8D8B27
                                                        Malicious:false
                                                        Reputation:low
                                                        Preview:..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">..<head><title>...Microsoft Online Password Reset..</title><meta http-equiv="x-ua-compatible" content="IE=9" /><meta http-equiv="Expires" content="0" /><meta http-equiv="Pragma" content="no-cache" /><meta http-equiv="Cache-Control" content="no-store, no-cache" /><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta name="robots" content="noindex, nofollow, NOODP, NOYDIR" /><meta name="viewport" content="width=device-width, initial-scale=1" /><link id="FavoriteIcon" rel="Shortcut Icon" type="image/x-icon" href="../favicon.ico?v=1342177280" />.... <script src="//ajax.aspnetcdn.com/ajax/jQuery/jquery-3.6.0.min.js" type="text/javascript"></script>.. <script type="text/javascript">window.jQuery || document.write('<script type="text/javascript" src="../js/jquery-3.6.0.min.js">\
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                        Category:downloaded
                                                        Size (bytes):1435
                                                        Entropy (8bit):7.8613342322590265
                                                        Encrypted:false
                                                        SSDEEP:24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
                                                        MD5:9F368BC4580FED907775F31C6B26D6CF
                                                        SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                        SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                        SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                        Category:downloaded
                                                        Size (bytes):12980
                                                        Entropy (8bit):4.656952280411437
                                                        Encrypted:false
                                                        SSDEEP:384:QjJmcs01WskN59g1+VW1aEV4xvbw94l1R5SUcZEWajJIcjqTqxBojafes0OPUE9h:t4i7l1rSVajJWjs0O8E9h
                                                        MD5:8EDFCD3F7A179CFF6B123DFF50F29770
                                                        SHA1:7A2D9BB4B9F6072AB3049E6421021A5BA0A3DADF
                                                        SHA-256:D0B747C7F7414A08B0D5107832B2F4BB44A9BB4A3AAD28390F58EDE8BBEA6AE1
                                                        SHA-512:169D1C71078DCB1C65B3CBAFBA3379B94718D6C1E472990666430A6B2C0483CC9B27E13820A29D2DCA2364D3CD3F7D2ECDED48B9ACF406BF74CB505489FB9503
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/js/Button.js?v=1342177280
                                                        Preview:.//------------------------------------------------------------..// Copyright (c) Microsoft Corporation. All rights reserved...//------------------------------------------------------------....var Button = new Object();....Button.ActiveButton = null;..Button.FocusButton = null;..Button.DefaultButton = null;..Button.CancelButton = null;..Button.ActivatedButtonID = null;..Button.Groups = {};....Button.SetText = function(id, text) {.. var button = document.getElementById(id);.. if (button != null) {.. for (var i = 0; i < button.children.length; i++) {.. var ch = button.children[i];.. if (ch.tagName.toLowerCase() == 'span') {.. ch.innerHTML = text; //// TODO: this causes the text wrapped with an <a> tag to get inserted in Firefox, which needs to get fixed... break;.. }.. }.. }.. var span = document.getElementById(id + '_disabled');.. if (span != null) {.. for (var i = 0; i < span.childr
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
                                                        Category:dropped
                                                        Size (bytes):1561
                                                        Entropy (8bit):7.762338770217686
                                                        Encrypted:false
                                                        SSDEEP:48:c/CeK/fE+XoVldIkPdTWbuf173xX964boBdIhLE:ntcx/Iksbuf17f64borIK
                                                        MD5:8DC34013E911C5F68FC2BCA0400CB06F
                                                        SHA1:16BAFA91AF100D65C4945F04E0C6E1643B98CF00
                                                        SHA-256:795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
                                                        SHA-512:83ACA42A30BFD629BC1E88D3ED154475E7949C1B154D19E6C9EF1DE825BA7967C0B6DA9EE79E7B420668242CCE5931DF344C97278A254F0A72C3D09EABED6051
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651
                                                        Category:dropped
                                                        Size (bytes):1435
                                                        Entropy (8bit):7.8613342322590265
                                                        Encrypted:false
                                                        SSDEEP:24:XjtSZi0kq+yVCGYXVrO4vDxik/N/z5VaLPbholJvf6dblke68eRZJyBDz3BnZcNX:XgDkpyVCGca4b//9z5oPXdbl9688qRzY
                                                        MD5:9F368BC4580FED907775F31C6B26D6CF
                                                        SHA1:E393A40B3E337F43057EEE3DE189F197AB056451
                                                        SHA-256:7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
                                                        SHA-512:0023B04D1EEC26719363AED57C95C1A91244C5AFF0BB53091938798FB16E230680E1F972D166B633C1D2B314B34FE0B9D7C18442410DB7DD6024E279AAFD61B0
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
                                                        Category:downloaded
                                                        Size (bytes):24038
                                                        Entropy (8bit):5.992474931914016
                                                        Encrypted:false
                                                        SSDEEP:384:cLU4fKWVUvyZk56/1+fZfMj8hTb5nz0bnOWWWWWWWWWWWWWWWWWWWWWWWWWqvESs:cLxfKW6yZk8/iZfMjYxnzonm9MaKcuwW
                                                        MD5:877784A5F5808CEFA2B61E73BFCF8EAE
                                                        SHA1:6A0E7EDA2734D7BBBA3CE38D37B347DF001B1DBF
                                                        SHA-256:BE7F0632337BC381D4962125545A5CC3C1E84E2D03DBDB97AB3D79AD78B91B6D
                                                        SHA-512:DABFFC928F7ED2A2D05003DAEF643806BD1CEC6B98E705F7415A82AFE7034F4E1E8A70C5AE69B094A948EEDAB4E8B76DCF72DF881DA092FE4AB76DA0EEFB8C3C
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://passwordreset.microsoftonline.com/favicon.ico?v=1342177280
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 141320
                                                        Category:downloaded
                                                        Size (bytes):49617
                                                        Entropy (8bit):7.995534454154058
                                                        Encrypted:true
                                                        SSDEEP:1536:IohTdtbswK1RfDDUDXsbGSKtnbiR+fU6I/dUG:PywkRLDwXSG2R+PI/qG
                                                        MD5:97A274B38A866C3FEFFF29003D3511D1
                                                        SHA1:0752DA49A4F7E374C76D0573AFD9CD1A074FBF00
                                                        SHA-256:6B1FF2587733BD9F44BC787C319AF8C23D01C14ED633DC8CB6F5DF55B5178E9B
                                                        SHA-512:62C400A3013A96A9B1AB5FEB2ADFF64CD3FA219C407B10F028AB04A96863F925D8D8D9AAF937ACDAF9091AC1B1DC262AAB92C2DD483C3B8715C71F3F1EC6D401
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:Unicode text, UTF-8 text, with very long lines (65500)
                                                        Category:downloaded
                                                        Size (bytes):85475
                                                        Entropy (8bit):5.3660121459583365
                                                        Encrypted:false
                                                        SSDEEP:1536:mi2eg+7NvjcmVJtjBQhm051ygKALOtHPhIYdivyP+Z0qAoXjklW1:XO5sgKAiPhPdI0qki
                                                        MD5:E2909004AFA27151ECB0BC3D8B1826CA
                                                        SHA1:E5B99D9420DF3DF077A30137F8DB40B7B409E762
                                                        SHA-256:82BA8DDBC334A2D4E0E79DF929EF3A7B1C9F96F2BCADC5A0268ACE6FF3673E2E
                                                        SHA-512:C8F0C4EF70D57CD7F4369117934F405781BD7E0F86B5941B7F5EF838DABBC12FF6059C188BE987A8392F36C7B6EA67077556E544DDB0C0D8B298E96EF9252E8B
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/MicrosoftAjax.js
                                                        Preview:// (c) 2010 CodePlex Foundation.(function(g,b){var o="object",t="set_",l="#",n="$",k="string",j=".",h=" ",s="onreadystatechange",m="load",y="_readyQueue",x="_domReadyQueue",r="error",d=false,q="on",a=null,c=true,f="function",i="number",e="undefined",A=function(a){a=a||{};p(arguments,function(b){b&&v(b,function(c,b){a[b]=c})},1);return a},v=function(a,c){for(var b in a)c(a[b],b)},p=function(a,h,j){var d;if(a){a=a!==g&&typeof a.nodeType===e&&(a instanceof Array||typeof a.length===i&&(typeof a.callee===f||a.item&&typeof a.nodeType===e&&!a.addEventListener&&!a.attachEvent))?a:[a];for(var b=j||0,k=a.length;b<k;b++)if(h(a[b],b)){d=c;break}}return!d},u=function(b,e,d){var c=b[e],a=typeof c===f;a&&c.call(b,d);return a};if(!b||!b.loader){function M(a){a=a||{};p(arguments,function(b){b&&v(b,function(c,b){if(typeof a[b]===e)a[b]=c})},1);return a}var z=!!document.attachEvent;function C(b,a){var c=b[a];delete b[a];return c}function K(d,b,c){p(C(d,b),function(b){b.apply(a,c||[])})}function I(a,c,b){
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced
                                                        Category:dropped
                                                        Size (bytes):471
                                                        Entropy (8bit):7.197252382638843
                                                        Encrypted:false
                                                        SSDEEP:12:6v/7eM/H/HTOlHAbsnwpncDR1pxInjqrrgRRIEw6Jz:qHTO0Gwpnc7pOnjqngRR1nJz
                                                        MD5:C651D60A08FF0F579E2EB9BE6043A3C6
                                                        SHA1:E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55
                                                        SHA-256:7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
                                                        SHA-512:017C29423F096A45AD5D1002B2F14E27A8298F144A962B78F46A96626A1027D5E4EC57468CD8F8C5B9E97461FA651452A1786CD9F5F76264652D03F55D516138
                                                        Malicious:false
                                                        Reputation:low
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text, with very long lines (65536), with no line terminators
                                                        Category:downloaded
                                                        Size (bytes):574440
                                                        Entropy (8bit):5.277870273117172
                                                        Encrypted:false
                                                        SSDEEP:6144:sUgVSwj2rmEt55lE30EWxOxEH3FB67jEvWnCiqawHbvNHu7:4VSwjet5yEHtWEC
                                                        MD5:6C888978509757A1A621EF9B66110414
                                                        SHA1:E0BB31F29DC3E14A424310DE42DE292ED7A34C18
                                                        SHA-256:E519D6A70F06DDF011B55FCFD0AB32AC0391D2A3CF0678BB5DB9A4EEDD164818
                                                        SHA-512:28F1EDA630FE929FC41801BD4A2B3FE8BC3EC206BECB910C700D96371F9F0A3F734D3B6DFF8AF4B3448857D16E2045FFB983BB7A371056ED0A9DC0EFB9523468
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/vendor.bundle.js?version=3.10
                                                        Preview:webpackJsonp([2],{"+3/4":function(t,e,n){"use strict";n.d(e,"a",function(){return o});var r=n("TToO"),o=function(t){function e(e){t.call(this),this.scheduler=e}return Object(r.c)(e,t),e.create=function(t){return new e(t)},e.dispatch=function(t){t.subscriber.complete()},e.prototype._subscribe=function(t){var n=this.scheduler;if(n)return n.schedule(e.dispatch,0,{subscriber:t});t.complete()},e}(n("YaPU").a)},"+CM9":function(t,e,n){"use strict";var r=n("Ds5P"),o=n("ot5s")(!1),i=[].indexOf,a=!!i&&1/[1].indexOf(1,-0)<0;r(r.P+r.F*(a||!n("NNrz")(i)),"Array",{indexOf:function(t){return a?i.apply(this,arguments)||0:o(this,t,arguments[1])}})},"+CnV":function(t,e,n){"use strict";n.d(e,"a",function(){return r});var r=function(t){var e,r=n("AMGY").a.Symbol;return"function"==typeof r?r.observable?e=r.observable:(e=r("observable"),r.observable=e):e="@@observable",e}()},"+yjc":function(t,e,n){var r=n("UKM+");n("3i66")("isSealed",function(t){return function(e){return!r(e)||!!t&&t(e)}})},"/Ife":function(
                                                        Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        File Type:ASCII text
                                                        Category:downloaded
                                                        Size (bytes):979
                                                        Entropy (8bit):4.884254803422543
                                                        Encrypted:false
                                                        SSDEEP:24:8ju8+lhfXBhUX6RRhApRR5q7xEiRRD0RRD16:6u8+lNBhUX6lApVq+in0n16
                                                        MD5:06FC2E5D62FD8C68ED435F0544EBCFC7
                                                        SHA1:D0D36207D64387AF8145749901B47D7D230FA12B
                                                        SHA-256:2FBEB24A28504251C4A1B6064FAA783FD6036B4908397B957526C16DE2DF6F49
                                                        SHA-512:6D1345165C13CF02F6475F9DC0073576B7CB92CE8ACF3D515311D23EFF5769ADEBF8E23BB33CACDD4352F866A183A72C2278D520860308791445054E96553535
                                                        Malicious:false
                                                        Reputation:low
                                                        URL:https://dialin.teams.microsoft.com/dialin-cdn-root/usp/1.220420.3/assets/js/Shell.js
                                                        Preview://-----------------------------------------------------------------------.// <copyright file="Shell.js" company="Microsoft">.// Copyright (c) Microsoft. All rights reserved..// </copyright>.//-----------------------------------------------------------------------..Namespace.Register("Microsoft.Rtc.Management.Lcp.JS.Shell");..Microsoft.Rtc.Management.Lcp.JS.Shell = new function() {. this.OpenFeedBackLink = function(url) {. if (document.getElementById('BOXPageIDField') != null) {. url = url + escape(document.getElementById('BOXPageIDField').value);. }.. window.open(url, '_blank', 'scrollbars=yes,menubar=no,titlebar=no,location=no,width=600,height=800,resizable=yes');. };.. this.NavigateToHrefCallback = function(response) {. if (response != null && document.getElementById(response.ReturnString) != null) { . window.location = document.getElementById(response.ReturnString).href;. }. }.};
                                                        No static file info
                                                        Timestamp | Source Port | Dest Port | Source IP | Dest IP
                                                        Apr 16, 2024 22:47:31.870444059 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.871051073 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.871120930 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.871396065 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.871670008 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.873671055 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.873738050 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.874377012 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.874561071 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.874747038 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.874944925 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.875606060 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.875664949 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:31.875673056 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.912125111 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.920140028 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:31.922003031 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.082595110 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.082622051 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.082688093 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.082711935 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.082725048 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.082756042 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.082760096 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.082779884 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.082811117 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.085628033 CEST49779443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.085642099 CEST4434977913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086798906 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086848974 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086858034 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086879015 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086898088 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086906910 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.086934090 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086934090 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086951971 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.086956978 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086972952 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086980104 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.086981058 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.086997032 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087007999 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087014914 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087025881 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087030888 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087038994 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087050915 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087078094 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087161064 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087172985 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087266922 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087284088 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087311029 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087341070 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.087348938 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087388039 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.087412119 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.105225086 CEST49780443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.105242014 CEST4434978013.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.133254051 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191072941 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191163063 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191165924 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191205978 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191220045 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191248894 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191379070 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191441059 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191456079 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191462040 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191493034 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191508055 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191651106 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191703081 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191708088 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191723108 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.191759109 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.191781044 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.294940948 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.294961929 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295063019 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.295078039 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295114994 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.295185089 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295198917 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295243025 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.295248032 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295259953 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295274019 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.295278072 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.295305014 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.295331001 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:32.295344114 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:32.298960924 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.548281908 CEST49778443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.548305035 CEST4434977813.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.593579054 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.630898952 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.630930901 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.630984068 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.631541014 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.631551027 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.640124083 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806071043 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806129932 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806149960 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806168079 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806207895 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806226015 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806236029 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806236029 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806303024 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806339025 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806349039 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806349039 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806356907 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806375027 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806385040 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806391954 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806406975 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806426048 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806448936 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.806454897 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806477070 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.806550026 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.910840988 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.910907984 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.910948992 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.911019087 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.911051989 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.911055088 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.911077023 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.911089897 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.911118031 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.911235094 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.911298990 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.912462950 CEST49777443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:33.912494898 CEST4434977713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.955955029 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:33.998693943 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.006834984 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.006840944 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.007364035 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.008769035 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.008829117 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.010932922 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.010970116 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.011033058 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.012799978 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.012836933 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.013658047 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.017081022 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.017119884 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.017175913 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.017901897 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.017932892 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.018361092 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.019395113 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.019411087 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.019429922 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.019443989 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.060112953 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268337011 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268400908 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268419981 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268538952 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268590927 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268651009 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.268651009 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.268651009 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.268661976 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268718004 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.268735886 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.268788099 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.339859009 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.341766119 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.341775894 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.342258930 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.342945099 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.343024969 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.343125105 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.343329906 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.347734928 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.347795963 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.347991943 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.348037958 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.348153114 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.348602057 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.349052906 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.349142075 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.349178076 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.349322081 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.349390984 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.349800110 CEST49789443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.349869967 CEST4434978913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.350111008 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.350155115 CEST49789443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.350197077 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.350720882 CEST49789443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.350743055 CEST4434978913.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.350914955 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.350930929 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.352581024 CEST49784443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.352601051 CEST4434978413.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.392138958 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.396111965 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.397129059 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.397229910 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.484225988 CEST49790443192.168.2.413.107.246.41
                                                        Apr 16, 2024 22:47:34.484263897 CEST4434979013.107.246.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.484369993 CEST49790443192.168.2.413.107.246.41
                                                        Apr 16, 2024 22:47:34.487462044 CEST49790443192.168.2.413.107.246.41
                                                        Apr 16, 2024 22:47:34.487477064 CEST4434979013.107.246.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.550019979 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.550124884 CEST4434978613.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.550817013 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.550988913 CEST49786443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.551059008 CEST4434978713.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.551068068 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.551105022 CEST4434978513.107.213.41192.168.2.4
                                                        Apr 16, 2024 22:47:34.551124096 CEST49787443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.551157951 CEST49785443192.168.2.413.107.213.41
                                                        Apr 16, 2024 22:47:34.551171064 CEST4434978513.107.213.41192.168.2.4
Timestamp    Source Port    Dest Port    Source IP    Dest IP
                                                        Apr 16, 2024 22:47:31.452924967 CEST53546091.1.1.1192.168.2.4
                                                        Apr 16, 2024 22:47:31.453211069 CEST53493411.1.1.1192.168.2.4
                                                        Apr 16, 2024 22:47:34.177162886 CEST53496101.1.1.1192.168.2.4
                                                        Apr 16, 2024 22:47:37.669118881 CEST138138192.168.2.4192.168.2.255
                                                        Apr 16, 2024 22:47:39.898174047 CEST53513751.1.1.1192.168.2.4
                                                        Apr 16, 2024 22:47:45.585917950 CEST4983753192.168.2.41.1.1.1
                                                        Apr 16, 2024 22:47:45.586395979 CEST6114653192.168.2.41.1.1.1
                                                        Apr 16, 2024 22:47:46.466707945 CEST5962753192.168.2.41.1.1.1
                                                        Apr 16, 2024 22:47:46.466952085 CEST5509453192.168.2.41.1.1.1
                                                        Apr 16, 2024 22:47:47.680907965 CEST4971253192.168.2.41.1.1.1
                                                        Apr 16, 2024 22:47:47.681045055 CEST5158053192.168.2.41.1.1.1
                                                        Apr 16, 2024 22:47:58.949294090 CEST53546091.1.1.1192.168.2.4
                                                        Apr 16, 2024 22:48:21.715289116 CEST53525861.1.1.1192.168.2.4
                                                        Apr 16, 2024 22:48:21.858172894 CEST53571361.1.1.1192.168.2.4
| Timestamp | Source IP | Dest IP | Checksum | Code | Type |
|---|---|---|---|---|---|
| Apr 16, 2024 22:47:27.290781021 CEST | 192.168.2.4 | 1.1.1.1 | c25b | (Port unreachable) | Destination Unreachable |
| Apr 16, 2024 22:47:45.854319096 CEST | 192.168.2.4 | 1.1.1.1 | c2c0 | (Port unreachable) | Destination Unreachable |

| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Apr 16, 2024 22:47:23.630208969 CEST | 192.168.2.4 | 1.1.1.1 | 0xfe6c | Standard query (0) | aka.ms | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:23.630386114 CEST | 192.168.2.4 | 1.1.1.1 | 0x19f0 | Standard query (0) | aka.ms | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.665963888 CEST | 192.168.2.4 | 1.1.1.1 | 0x14d3 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.667191982 CEST | 192.168.2.4 | 1.1.1.1 | 0x2ccd | Standard query (0) | www.google.com | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:27.122953892 CEST | 192.168.2.4 | 1.1.1.1 | 0xdb9b | Standard query (0) | login.microsoftonline.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:27.123049021 CEST | 192.168.2.4 | 1.1.1.1 | 0xe564 | Standard query (0) | login.microsoftonline.com | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:28.235522032 CEST | 192.168.2.4 | 1.1.1.1 | 0xb7ef | Standard query (0) | login.microsoftonline.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:28.235522032 CEST | 192.168.2.4 | 1.1.1.1 | 0x1ebf | Standard query (0) | login.microsoftonline.com | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:28.934274912 CEST | 192.168.2.4 | 1.1.1.1 | 0x520a | Standard query (0) | login.microsoftonline.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:28.938934088 CEST | 192.168.2.4 | 1.1.1.1 | 0xb004 | Standard query (0) | login.microsoftonline.com | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.348045111 CEST | 192.168.2.4 | 1.1.1.1 | 0xc2b6 | Standard query (0) | aadcdn.msftauth.net | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.348558903 CEST | 192.168.2.4 | 1.1.1.1 | 0x673c | Standard query (0) | aadcdn.msftauth.net | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.350999117 CEST | 192.168.2.4 | 1.1.1.1 | 0xd27c | Standard query (0) | identity.nel.measure.office.net | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.351443052 CEST | 192.168.2.4 | 1.1.1.1 | 0xff1c | Standard query (0) | identity.nel.measure.office.net | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:45.585917950 CEST | 192.168.2.4 | 1.1.1.1 | 0x6bc7 | Standard query (0) | passwordreset.microsoftonline.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:45.586395979 CEST | 192.168.2.4 | 1.1.1.1 | 0x84e6 | Standard query (0) | passwordreset.microsoftonline.com | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:46.466707945 CEST | 192.168.2.4 | 1.1.1.1 | 0x2e27 | Standard query (0) | ajax.aspnetcdn.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:46.466952085 CEST | 192.168.2.4 | 1.1.1.1 | 0xc20a | Standard query (0) | ajax.aspnetcdn.com | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:47.680907965 CEST | 192.168.2.4 | 1.1.1.1 | 0x9095 | Standard query (0) | passwordreset.microsoftonline.com | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:47.681045055 CEST | 192.168.2.4 | 1.1.1.1 | 0x5c13 | Standard query (0) | passwordreset.microsoftonline.com | 65 | IN (0x0001) | false |

| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Apr 16, 2024 22:47:23.735862017 CEST | 1.1.1.1 | 192.168.2.4 | 0xfe6c | No error (0) | aka.ms | | 23.54.202.151 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.770833015 CEST | 1.1.1.1 | 192.168.2.4 | 0x14d3 | No error (0) | www.google.com | | 64.233.176.147 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.770833015 CEST | 1.1.1.1 | 192.168.2.4 | 0x14d3 | No error (0) | www.google.com | | 64.233.176.105 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.770833015 CEST | 1.1.1.1 | 192.168.2.4 | 0x14d3 | No error (0) | www.google.com | | 64.233.176.99 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.770833015 CEST | 1.1.1.1 | 192.168.2.4 | 0x14d3 | No error (0) | www.google.com | | 64.233.176.104 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.770833015 CEST | 1.1.1.1 | 192.168.2.4 | 0x14d3 | No error (0) | www.google.com | | 64.233.176.103 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.770833015 CEST | 1.1.1.1 | 192.168.2.4 | 0x14d3 | No error (0) | www.google.com | | 64.233.176.106 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:26.771702051 CEST | 1.1.1.1 | 192.168.2.4 | 0x2ccd | No error (0) | www.google.com | | | 65 | IN (0x0001) | false |
| Apr 16, 2024 22:47:27.228192091 CEST | 1.1.1.1 | 192.168.2.4 | 0xe564 | No error (0) | login.microsoftonline.com | login.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:27.228250980 CEST | 1.1.1.1 | 192.168.2.4 | 0xdb9b | No error (0) | login.microsoftonline.com | login.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:28.340085030 CEST | 1.1.1.1 | 192.168.2.4 | 0xb7ef | No error (0) | login.microsoftonline.com | login.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:28.340908051 CEST | 1.1.1.1 | 192.168.2.4 | 0x1ebf | No error (0) | login.microsoftonline.com | login.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:29.039165974 CEST | 1.1.1.1 | 192.168.2.4 | 0x520a | No error (0) | login.microsoftonline.com | login.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:29.043328047 CEST | 1.1.1.1 | 192.168.2.4 | 0xb004 | No error (0) | login.microsoftonline.com | login.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:30.153403044 CEST | 1.1.1.1 | 192.168.2.4 | 0x9464 | No error (0) | shed.dual-low.part-0013.t-0009.t-msedge.net | part-0013.t-0009.t-msedge.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:30.153403044 CEST | 1.1.1.1 | 192.168.2.4 | 0x9464 | No error (0) | part-0013.t-0009.t-msedge.net | | 13.107.213.41 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:30.153403044 CEST | 1.1.1.1 | 192.168.2.4 | 0x9464 | No error (0) | part-0013.t-0009.t-msedge.net | | 13.107.246.41 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.452924967 CEST | 1.1.1.1 | 192.168.2.4 | 0x673c | No error (0) | aadcdn.msftauth.net | cs1100.wpc.omegacdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.453211069 CEST | 1.1.1.1 | 192.168.2.4 | 0xc2b6 | No error (0) | aadcdn.msftauth.net | cs1100.wpc.omegacdn.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.453211069 CEST | 1.1.1.1 | 192.168.2.4 | 0xc2b6 | No error (0) | cs1100.wpc.omegacdn.net | | 152.199.4.44 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.456608057 CEST | 1.1.1.1 | 192.168.2.4 | 0xff1c | No error (0) | identity.nel.measure.office.net | nel.measure.office.net.edgesuite.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:31.461328983 CEST | 1.1.1.1 | 192.168.2.4 | 0xd27c | No error (0) | identity.nel.measure.office.net | nel.measure.office.net.edgesuite.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:34.471956015 CEST | 1.1.1.1 | 192.168.2.4 | 0x53f0 | No error (0) | shed.dual-low.part-0013.t-0009.t-msedge.net | part-0013.t-0009.t-msedge.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:34.471956015 CEST | 1.1.1.1 | 192.168.2.4 | 0x53f0 | No error (0) | part-0013.t-0009.t-msedge.net | | 13.107.246.41 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:34.471956015 CEST | 1.1.1.1 | 192.168.2.4 | 0x53f0 | No error (0) | part-0013.t-0009.t-msedge.net | | 13.107.213.41 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:47:45.692130089 CEST | 1.1.1.1 | 192.168.2.4 | 0x6bc7 | No error (0) | passwordreset.microsoftonline.com | passwordreset.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:45.854229927 CEST | 1.1.1.1 | 192.168.2.4 | 0x84e6 | No error (0) | passwordreset.microsoftonline.com | passwordreset.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:46.571754932 CEST | 1.1.1.1 | 192.168.2.4 | 0xc20a | No error (0) | ajax.aspnetcdn.com | mscomajax.vo.msecnd.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:46.571815968 CEST | 1.1.1.1 | 192.168.2.4 | 0x2e27 | No error (0) | ajax.aspnetcdn.com | mscomajax.vo.msecnd.net | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:47.788450956 CEST | 1.1.1.1 | 192.168.2.4 | 0x9095 | No error (0) | passwordreset.microsoftonline.com | passwordreset.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:47:47.802443981 CEST | 1.1.1.1 | 192.168.2.4 | 0x5c13 | No error (0) | passwordreset.microsoftonline.com | passwordreset.mso.msidentity.com | | CNAME (Canonical name) | IN (0x0001) | false |
| Apr 16, 2024 22:48:07.455188036 CEST | 1.1.1.1 | 192.168.2.4 | 0xfab1 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:48:07.455188036 CEST | 1.1.1.1 | 192.168.2.4 | 0xfab1 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:48:34.623184919 CEST | 1.1.1.1 | 192.168.2.4 | 0xebf2 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.210.172 | A (IP address) | IN (0x0001) | false |
| Apr 16, 2024 22:48:34.623184919 CEST | 1.1.1.1 | 192.168.2.4 | 0xebf2 | No error (0) | bg.microsoft.map.fastly.net | | 199.232.214.172 | A (IP address) | IN (0x0001) | false |
                                                        • aka.ms
                                                        • fs.microsoft.com
                                                        • https:
                                                          • aadcdn.msauth.net
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.4 | 49740 | 23.54.202.151 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp: 2024-04-16 20:47:24 UTC | Bytes transferred: 659 | Direction: OUT | Data:
GET /vmsettings HTTP/1.1
                                                        Host: aka.ms
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        sec-ch-ua-platform: "Windows"
                                                        Upgrade-Insecure-Requests: 1
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: navigate
                                                        Sec-Fetch-User: ?1
                                                        Sec-Fetch-Dest: document
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
Timestamp: 2024-04-16 20:47:24 UTC | Bytes transferred: 454 | Direction: IN | Data:
HTTP/1.1 301 Moved Permanently
                                                        Content-Length: 0
                                                        Server: Kestrel
                                                        Location: https://dialin.teams.microsoft.com/usp/voicemail
                                                        Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
                                                        X-Response-Cache-Status: True
                                                        Expires: Tue, 16 Apr 2024 20:47:24 GMT
                                                        Cache-Control: max-age=0, no-cache, no-store
                                                        Pragma: no-cache
                                                        Date: Tue, 16 Apr 2024 20:47:24 GMT
                                                        Connection: close
                                                        Strict-Transport-Security: max-age=31536000 ; includeSubDomains


| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.4 | 49763 | 23.201.212.130 | 443 | | |

Timestamp: 2024-04-16 20:47:27 UTC | Bytes transferred: 161 | Direction: OUT | Data:
HEAD /fs/windows/config.json HTTP/1.1
                                                        Connection: Keep-Alive
                                                        Accept: */*
                                                        Accept-Encoding: identity
                                                        User-Agent: Microsoft BITS/7.8
                                                        Host: fs.microsoft.com
Timestamp: 2024-04-16 20:47:27 UTC | Bytes transferred: 468 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                        Content-Type: application/octet-stream
                                                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                        Server: ECAcc (chd/079C)
                                                        X-CID: 11
                                                        X-Ms-ApiVersion: Distribute 1.2
                                                        X-Ms-Region: prod-eus2-z1
                                                        Cache-Control: public, max-age=123322
                                                        Date: Tue, 16 Apr 2024 20:47:27 GMT
                                                        Connection: close
                                                        X-CID: 2


| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.4 | 49768 | 23.201.212.130 | 443 | | |

Timestamp: 2024-04-16 20:47:27 UTC | Bytes transferred: 239 | Direction: OUT | Data:
GET /fs/windows/config.json HTTP/1.1
                                                        Connection: Keep-Alive
                                                        Accept: */*
                                                        Accept-Encoding: identity
                                                        If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                        Range: bytes=0-2147483646
                                                        User-Agent: Microsoft BITS/7.8
                                                        Host: fs.microsoft.com
Timestamp: 2024-04-16 20:47:27 UTC | Bytes transferred: 531 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                        Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                        ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                        Content-Type: application/octet-stream
                                                        ApiVersion: Distribute 1.1
                                                        Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                        X-Azure-Ref: 0rcGnYgAAAAANOnx9vccHTr21ROgX9ESTU0pDRURHRTAzMDkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                                        Cache-Control: public, max-age=123365
                                                        Date: Tue, 16 Apr 2024 20:47:27 GMT
                                                        Content-Length: 55
                                                        Connection: close
                                                        X-CID: 2
Timestamp: 2024-04-16 20:47:27 UTC | Bytes transferred: 55 | Direction: IN | Data:
Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                        Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.4 | 49775 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp: 2024-04-16 20:47:30 UTC | Bytes transferred: 633 | Direction: OUT | Data:
GET /shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        Origin: https://login.microsoftonline.com
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
Timestamp: 2024-04-16 20:47:30 UTC | Bytes transferred: 797 | Direction: IN | Data:
HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:30 GMT
                                                        Content-Type: application/x-javascript
                                                        Content-Length: 49617
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Thu, 14 Mar 2024 23:04:09 GMT
                                                        ETag: 0x8DC447B0E3A90D2
                                                        x-ms-request-id: 76a34dff-601e-0018-552d-8f0dad000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204730Z-18655757dbcqxsvqh02gg0s8as00000003g000000000vfsn
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.4 | 49779 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp: 2024-04-16 20:47:31 UTC | Bytes transferred: 658 | Direction: OUT | Data:
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        Origin: https://login.microsoftonline.com
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: text/css,*/*;q=0.1
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: style
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:32 UTC | 802 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:31 GMT
                                                        Content-Type: text/css
                                                        Content-Length: 20314
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 27 Dec 2023 18:18:12 GMT
                                                        ETag: 0x8DC07082FBB8D2B
                                                        x-ms-request-id: 30ba7f18-101e-002b-292d-8f51ba000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204731Z-18655757dbc6pjc9kve5vp9er800000003ng00000000tqk2
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        X-Cache-Info: L1_T2
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        5 | 192.168.2.4 | 49778 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:31 UTC | 635 | OUT | GET /shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        Origin: https://login.microsoftonline.com
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:32 UTC | 798 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:31 GMT
                                                        Content-Type: application/x-javascript
                                                        Content-Length: 121212
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 27 Mar 2024 20:03:18 GMT
                                                        ETag: 0x8DC4E98F25B224F
                                                        x-ms-request-id: 3f572fe7-801e-002a-8028-907ab8000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204731Z-18655757dbc5wts2tptdbfcf44000000044g000000007psq
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        6 | 192.168.2.4 | 49780 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:31 UTC | 654 | OUT | GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l2bvdjfwt697xziuhxpwsg2.js HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        Origin: https://login.microsoftonline.com
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:32 UTC | 818 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:31 GMT
                                                        Content-Type: application/x-javascript
                                                        Content-Length: 15799
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Thu, 28 Mar 2024 02:23:53 GMT
                                                        ETag: 0x8DC4ECE1D0444D4
                                                        x-ms-request-id: c908638f-a01e-0014-2714-90f9b4000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204731Z-18655757dbcn6rtcxqsm0vc51s00000004cg000000000kn9
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        X-Cache-Info: L1_T2
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        7 | 192.168.2.4 | 49777 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:33 UTC | 618 | OUT | GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:33 UTC | 818 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:33 GMT
                                                        Content-Type: application/x-javascript
                                                        Content-Length: 54325
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Thu, 15 Feb 2024 19:13:15 GMT
                                                        ETag: 0x8DC2E5A2998EB1D
                                                        x-ms-request-id: 35942499-001e-0076-531f-8eed92000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204733Z-18655757dbc4ww6dg55cr6ae4000000004800000000092k3
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache-Info: L1_T2
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        8 | 192.168.2.4 | 49784 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 649 | OUT | GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:34 UTC | 744 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:34 GMT
                                                        Content-Type: image/x-icon
                                                        Content-Length: 17174
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Last-Modified: Sun, 18 Oct 2020 03:02:03 GMT
                                                        ETag: 0x8D8731230C851A6
                                                        x-ms-request-id: 6b17ac04-a01e-0050-7c2f-8f86ad000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204734Z-18655757dbcjcj2wutptze2tvn0000000480000000004uf4
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes
                                                        2024-04-16 20:47:34 UTC | 15640 | IN | Data Raw
                                                        2024-04-16 20:47:34 UTC | 1534 | IN | Data Raw


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        9 | 192.168.2.4 | 49786 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 662 | OUT | GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:34 UTC | 784 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:34 GMT
                                                        Content-Type: image/svg+xml
                                                        Content-Length: 673
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 24 May 2023 10:11:46 GMT
                                                        ETag: 0x8DB5C3F47E260FD
                                                        x-ms-request-id: b5112e21-101e-0007-7534-8f3490000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204734Z-18655757dbc22mh7ubegs8ztg4000000018000000000dprn
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes
                                                        2024-04-16 20:47:34 UTC | 673 | IN | Data Raw


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        10 | 192.168.2.4 | 49785 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 663 | OUT | GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:34 UTC | 785 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:34 GMT
                                                        Content-Type: image/svg+xml
                                                        Content-Length: 1435
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                                        ETag: 0x8DB5C3F4911527F
                                                        x-ms-request-id: bd254fe0-e01e-003c-0538-8f3096000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204734Z-18655757dbcxffsszfprzy3hq8000000046000000000kkbu
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes
                                                        2024-04-16 20:47:34 UTC | 1435 | IN | Data Raw


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        11 | 192.168.2.4 | 49787 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 663 | OUT | GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:34 UTC | 784 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:34 GMT
                                                        Content-Type: image/svg+xml
                                                        Content-Length: 621
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                                        ETag: 0x8DB5C3F49ED96E0
                                                        x-ms-request-id: 6b0c9bac-a01e-0050-682e-8f86ad000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204734Z-18655757dbcrzwhputx21vz6p4000000044g000000003ge8
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes
                                                        2024-04-16 20:47:34 UTC | 621 | IN | Data Raw


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        12 | 192.168.2.4 | 49789 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 624 | OUT | GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:34 UTC | 818 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:34 GMT
                                                        Content-Type: application/x-javascript
                                                        Content-Length: 35813
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Thu, 15 Feb 2024 19:13:16 GMT
                                                        ETag: 0x8DC2E5A29EDB0A1
                                                        x-ms-request-id: 5f68e1f4-601e-0024-7a1f-8ed8a5000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204734Z-18655757dbcm9dnxqshphrvzfg000000049g0000000069ac
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache-Info: L1_T2
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes
                                                        2024-04-16 20:47:34 UTC | 15566 | IN | Data Raw
                                                        2024-04-16 20:47:34 UTC | 16384 | IN | Data Raw
                                                        2024-04-16 20:47:35 UTC | 3863 | IN | Data Raw


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        13 | 192.168.2.4 | 49790 | 13.107.246.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 404 | OUT | GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: */*
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: empty
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:35 UTC | 744 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:34 GMT
                                                        Content-Type: image/x-icon
                                                        Content-Length: 17174
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Last-Modified: Sun, 18 Oct 2020 03:02:03 GMT
                                                        ETag: 0x8D8731230C851A6
                                                        x-ms-request-id: 6b17ac04-a01e-0050-7c2f-8f86ad000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204734Z-18655757dbcjcj2wutptze2tvn0000000470000000007bnq
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes
                                                        2024-04-16 20:47:35 UTC | 15640 | IN | Data Raw
                                                        2024-04-16 20:47:35 UTC | 1534 | IN | Data Raw


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        14 | 192.168.2.4 | 49792 | 13.107.246.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 418 | OUT | GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: */*
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: empty
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:35 UTC | 785 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:35 GMT
                                                        Content-Type: image/svg+xml
                                                        Content-Length: 1435
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                                        ETag: 0x8DB5C3F4911527F
                                                        x-ms-request-id: bd254fe0-e01e-003c-0538-8f3096000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204735Z-18655757dbcrzwhputx21vz6p40000000430000000006a0n
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        15 | 192.168.2.4 | 49791 | 13.107.246.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 418 | OUT | GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: */*
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: empty
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:35 UTC | 784 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:35 GMT
                                                        Content-Type: image/svg+xml
                                                        Content-Length: 621
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 24 May 2023 10:11:49 GMT
                                                        ETag: 0x8DB5C3F49ED96E0
                                                        x-ms-request-id: 4a12f3a1-001e-005a-79e0-8d88b8000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204735Z-r1f585c6b654cgwleayu8v9rpg00000003sg000000002hxf
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        16 | 192.168.2.4 | 49793 | 13.107.246.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:34 UTC | 417 | OUT | GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: */*
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: empty
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:35 UTC | 784 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:35 GMT
                                                        Content-Type: image/svg+xml
                                                        Content-Length: 673
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Content-Encoding: gzip
                                                        Last-Modified: Wed, 24 May 2023 10:11:46 GMT
                                                        ETag: 0x8DB5C3F47E260FD
                                                        x-ms-request-id: b5112e21-101e-0007-7534-8f3490000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204735Z-18655757dbclnrp9pueazee7k80000000450000000006gac
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        17 | 192.168.2.4 | 49799 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:45 UTC | 668 | OUT | GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:46 UTC | 740 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:46 GMT
                                                        Content-Type: image/gif
                                                        Content-Length: 2672
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Last-Modified: Wed, 24 May 2023 10:11:47 GMT
                                                        ETag: 0x8DB5C3F48EC4154
                                                        x-ms-request-id: 4a9655dc-901e-0067-4c29-8f76b2000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204746Z-18655757dbchb8hrrdnzauun94000000047g00000000fwh4
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        18 | 192.168.2.4 | 49798 | 13.107.213.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:45 UTC | 662 | OUT | GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://login.microsoftonline.com/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:46 UTC | 740 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:46 GMT
                                                        Content-Type: image/gif
                                                        Content-Length: 3620
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                                        ETag: 0x8DB5C3F4904824B
                                                        x-ms-request-id: e6dee6d4-b01e-0065-582d-8f20b6000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204746Z-18655757dbcgmrw6wp6x0vrcew0000000470000000000unq
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        19 | 192.168.2.4 | 49803 | 13.107.246.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:46 UTC | 423 | OUT | GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: */*
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: empty
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:46 UTC | 740 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:46 GMT
                                                        Content-Type: image/gif
                                                        Content-Length: 2672
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Last-Modified: Wed, 24 May 2023 10:11:47 GMT
                                                        ETag: 0x8DB5C3F48EC4154
                                                        x-ms-request-id: c277e437-d01e-0037-0c89-8e1581000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204746Z-r1f585c6b65gj7jwqmmy8fr0dc00000003c0000000007gbc
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes


                                                        Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                        20 | 192.168.2.4 | 49802 | 13.107.246.41 | 443 | 4632 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Timestamp | Bytes transferred | Direction | Data
                                                        2024-04-16 20:47:46 UTC | 417 | OUT | GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1
                                                        Host: aadcdn.msauth.net
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                        Accept: */*
                                                        Sec-Fetch-Site: none
                                                        Sec-Fetch-Mode: cors
                                                        Sec-Fetch-Dest: empty
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        2024-04-16 20:47:46 UTC | 740 | IN | HTTP/1.1 200 OK
                                                        Date: Tue, 16 Apr 2024 20:47:46 GMT
                                                        Content-Type: image/gif
                                                        Content-Length: 3620
                                                        Connection: close
                                                        Cache-Control: public, max-age=31536000
                                                        Last-Modified: Wed, 24 May 2023 10:11:48 GMT
                                                        ETag: 0x8DB5C3F4904824B
                                                        x-ms-request-id: e6dee6d4-b01e-0065-582d-8f20b6000000
                                                        x-ms-version: 2009-09-19
                                                        x-ms-lease-status: unlocked
                                                        x-ms-blob-type: BlockBlob
                                                        Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                        Access-Control-Allow-Origin: *
                                                        x-azure-ref: 20240416T204746Z-18655757dbcqxsvqh02gg0s8as00000003r0000000001fw0
                                                        x-fd-int-roxy-purgeid: 4554691
                                                        X-Cache: TCP_HIT
                                                        Accept-Ranges: bytes



                                                        Target ID: 0
                                                        Start time: 22:47:17
                                                        Start date: 16/04/2024
                                                        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Wow64 process (32bit): false
                                                        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
                                                        Imagebase: 0x7ff76e190000
                                                        File size: 3'242'272 bytes
                                                        MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
                                                        Has elevated privileges: true
                                                        Has administrator privileges: true
                                                        Programmed in: C, C++ or other language
                                                        Reputation: low
                                                        Has exited: false

                                                        Target ID: 2
                                                        Start time: 22:47:20
                                                        Start date: 16/04/2024
                                                        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Wow64 process (32bit): false
                                                        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                        Imagebase: 0x7ff76e190000
                                                        File size: 3'242'272 bytes
                                                        MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
                                                        Has elevated privileges: true
                                                        Has administrator privileges: true
                                                        Programmed in: C, C++ or other language
                                                        Reputation: low
                                                        Has exited: false

                                                        Target ID: 3
                                                        Start time: 22:47:22
                                                        Start date: 16/04/2024
                                                        Path: C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        Wow64 process (32bit): false
                                                        Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aka.ms/vmsettings"
                                                        Imagebase: 0x7ff76e190000
                                                        File size: 3'242'272 bytes
                                                        MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
                                                        Has elevated privileges: true
                                                        Has administrator privileges: true
                                                        Programmed in: C, C++ or other language
                                                        Reputation: low
                                                        Has exited: true

                                                        No disassembly