Windows Analysis Report
https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us

Overview

General Information

Sample URL:	https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us
Analysis ID:	1415993
Infos:

Detection

HTMLPhisher

Score:	72
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Phishing site detected (based on favicon image match)

Yara detected HtmlPhish10

Phishing site detected (based on image similarity)

Phishing site or detected (based on various text indicators)

HTML body contains low number of good links

HTML body contains password input but no form action

HTML body with high number of embedded images detected

HTML page contains hidden URLs or javascript code

HTML title does not match URL

Invalid 'forgot password' link found

Stores files to the Windows start menu directory

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

AV Detection

Antivirus detection for URL or domain

Source: https://cloudflare-ipfs.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://eu.starton-ipfs.com/ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4	Avira URL Cloud: Label: phishing

Phishing

Phishing site detected (based on favicon image match)

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

Matcher: Template: microsoft matched with high similarity

Yara detected HtmlPhish10

Source: Yara match	File source: 1.5.pages.csv, type: HTML
Source: Yara match	File source: 1.4.pages.csv, type: HTML
Source: Yara match	File source: 1.6.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 2.3

OCR Text: Adolw Shared File Welcome to Adobe Shared File Your Contact has shared a file with you. Save your files to Adobe PDF and get them from any device, anywhere Select any of the options below to view and download the file Login with Login with with ffice36 Outlook Other Office365, Outlook Sharekfr't, (heDrive, Sbpe. OneNote, kwerPoint krd, Excel are trademarks of Microsoft All rights resewed Microsoft 2023.

HTML body contains low number of good links

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: Number of links: 0
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: <input type="password" .../> found but no <form action="...

HTML body with high number of embedded images detected

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

HTTP Parser: Total embedded image size: 31111

HTML page contains hidden URLs or javascript code

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

HTTP Parser: Base64 decoded: https://bbann.com/wet85/c1881e3.php

HTML title does not match URL

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: Title: Sign in to Best Productivity Provider! does not match URL
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: Title: Adobe&Businessing does not match URL

Invalid 'forgot password' link found

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

HTTP Parser: Invalid link: Forgot my password

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: <input type="password" .../> found
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: <input type="password" .../> found

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No favicon
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: No favicon

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="author".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="author".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="author".. found
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: No <meta name="author".. found

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="copyright".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="copyright".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="copyright".. found
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.206.229.209:443 -> 192.168.2.9:49721 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49717 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.206.229.209:443 -> 192.168.2.9:49721 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us HTTP/1.1Host: url.us.m.mimecastprotect.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /r/5Y9qj2ovODYJg8Nk8LachRrb55aIABvFf6WSMfRL0JEX1GBfHGz6Wz7IMWeV3hL0f4yiiLEyLFy6Qcax7xNf_crmekKRuEvZ5Vp9WPLoA3YxLZtVbzY2qxdrNPtBUgG2RXtpcyQSjLOVJvhdxYe9W8huUOPt-OVz9xqsK6u2deT4iP5s9WP97dHUExvPfseFPrCTqf8uaGZ-xfXk3-epY3LdHOgOXBL8LBoHL6QEQ4FTBfpUgr2Os4JdGC798XjWS4dxdYVeZvzIEUYuh9RP3V1XP9wMtgdjqZNwKGqTChuXgfRMNmgwj_ei6SnwQvD4arXViH_JQaLGFLMkcupBMN8_tiDj0iSN828l4HujYFAcoXVzx-DktUf9Sxn0_axQl8eSdHlKyIUn8yKqhub3h4-wCXe7sLiVhvly-C5Gc7W4EINvscxZjpsL8Jw9BIlNfovsvZIOf9IcLpvPeFjos0m-bm9BwdL6ggAVTQo3DljDzwp7JAfPHDoer4w8mkqoDhr6uhizCsTR8S6_zrlQpgefCMI7Hns11ZKBixXginyE1G2R1DXWJGx5D5p_gAUGdTJUjKogbDmo86PN7uy_N-GcBizh146Hv1pQFFnIjCe3YUsagUJhdVUqhQqFjJQ9DX0dNTlFY6DO_dGP7Bs8TMLpd5l3Qipz7D2wYlZcRfGtoAiMGavKXxXcNlFFLMnIujSPA3IcVlM7_Oyu-wEUn98bX-tSzlj1crTrKCkgsQCzqvB4aGZSeSI3IQP0WdDowYf4N8niE6SjKIPsBovy8SPXKb9uGmZr1l5Hx0z1DObRrbqpYJ0g5fRBgtSEShwce3xdGak9aj635HL11owI-a8RqLIh3X1o9LOXFrLBZACM8nGx4SIN9vd-D7L3mGNuVorpbLWGTGB_E7V8z-_6p2A8MGPW0gml6gLvfcBI3vszhMhIm6jmdWXDa9woaIRrg-a9aJnPmE6OZxbhC5FqBgsgEJ6HuuxsLIEDCXFFXQU_WmmxF021ejMxWDXUmGA5sPkig2392sqrFCK1K1BtRmCl4zH8hVICzr5QR2Z4XU_3jjp_ddoZub9s04sheoNO2EgEyLX8NsnOU7ezzp8QWzCbDa6FcvprNV_u8pt7WdMLe0DTZPpMy7AJuoKmcmckS4KE0c0gLBapy5WM9q3K9D9gCUmIME2KkML9IW921AUUXsRf1pjUiNLqKnOs0slR5aEVCMHKsZtG2di8x2-1z0EyLSCNPRDUa1Las-5tQ04bG6rWQMma1UDln95kfmaIzyLPRYTTP2UhcMO1ngaYPUBFCg8ToFajmHfnAdkJbahEtOggPwamgBK0zCybCe7CswiYcYq8mEC98NdUN0YlJxb3BqywgwPXmB66MEGJ4WlIoYZYHv3c6RxPtVarpZ0pgxHJhcc3E73yavorxZly7qjui0ePSIL4qQUYKMJJs_HlrL6bj8YgAxR7PWQfqMN7OTe5QeoIRb174gZnUJAjWVtXaW8erMn6oOItO9bfGuKysU7S0V7v0vGZ0X4WPaQ2MZTeB5ALNcmu0UJYiGwZGQk8ycQsL2mS5hmlEVBLloLZvSPdGSbwUDY4cgC8Qw-MvrXjo7qLi4pUN8zhUR0_F9-Q46hpYd7JJOpm18a0BdjN4Hreh4wols08pGIx9akb5azeZbG5MHcjRSPXESNCYixFZ45_1a28XsCEpKFMJqKX5VYUVVMIaNnO79EZ1ky4ioqW_tZQTTFsgNsS2dCn_pgDQzM0EZ0wwHiEJGp8dbeBNR8f3jdrnKRCgDpTIdObOLywWNp6IPNreO1eOim4I35d-n9S0upmpUeo759AaJ7C5uLVxWEABcbbY_7vekcBMk6o0027GJ0SLs76YLXaWquhlIiIM2t0KAGG-D7XteGhzL_-6eYlERP2qcqHc3hd2NnIc39QMSHlq7z3DIzITMUJ1mvPKRVKYr9tySVSl3o4Kc-156AK2CrlObDYeIYHD0LzBAOvTJ2ZYcqfM5Tcs-bI4KwFkwYOTq3egAaNzMCu2rxiv4DGT5SUTYs9c6WPuVzD4ZIDX4jw-AfrBCLiwfAsTECufkYBmc8yDVADGfA7LcyXYeIBkxyPOLiVtDxInvft7-VgXg5CGxq6WuY78bZpSqGjSp_0YJ_IboRqF8Io1XVvpXSNri9uOGCL4tkgQDZjcGzofBVkzs9CbiwMDKWE5CDo7L_h7l04BcBorKQ87KdgopfOUS9I0rNrQ675W75pQ11pG-r5snFTeA5T0gFBGZeayDFhxkLtPHYntZyr5kQJLTg5V87xUOJh0UMP HTTP/1.1Host: url.us.m.mimecastprotect.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /wf1HuXWFXi HTTP/1.1Host: gcv.microsoft.usConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/dist/cv-response-page.min.css?v=b3c1eb4c85&ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/ls-pro.en-us.18e0edc91.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Scripts/Vendors/combined/basics_osi_v5_j3_3997ff6.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Scripts/Vendors/combined/response_v2_5234a19.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.cachegroup-nerve.min.js?v=b3c1eb4c85&ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.min.js?v=b3c1eb4c85&ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$expand=questions($expand=choices) HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fx-ms-form-request-ring: formsprogccsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json__RequestVerificationToken: PF04Emzlw4rNxV_Q0yJo3eFnKDGUrq318EFhPWzkCK4EdSbAziaOUGNybs3-f83x4KhqmtTYSgtwHIxV5U58nsEdZAwTLVrIRJ_RSz81Jiw1sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.1ds.323a60b.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.utel.c1af5df.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.postsubmit.b7eca17.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.quiz.6dc4e0a.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$expand=questions($expand=choices) HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.638.3250f1d.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.vendors.e0d6b00.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Pages/ResponsePage.aspx/GetResourceStrings HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CorrelationId: 28d2eb97-da97-41bc-acbb-8070e17e33b6X-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fx-ms-form-request-ring: formsprogccsec-ch-ua-mobile: ?0Authorization: OData-MaxVersion: 4.0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: application/jsonContextParams: __RequestVerificationToken: PF04Emzlw4rNxV_Q0yJo3eFnKDGUrq318EFhPWzkCK4EdSbAziaOUGNybs3-f83x4KhqmtTYSgtwHIxV5U58nsEdZAwTLVrIRJ_RSz81Jiw1x-ms-form-request-source: ms-formwebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /cdn/scripts/dists/telemetry-worker.1.js HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Images/CustomerVoice/CustomerVoice.ico HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.cvheadertheme.ce22c68.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.cvtitlerender.65b951b.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Images/CustomerVoice/CustomerVoice.ico HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/privacy?ownerTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&currentUserTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&isAnonymous=true HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CorrelationId: c8f9e327-091c-4fc6-9b94-f6d8380c6309X-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fx-ms-form-request-ring: formsprogccsec-ch-ua-mobile: ?0Authorization: OData-MaxVersion: 4.0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: application/jsonContextParams: __RequestVerificationToken: PF04Emzlw4rNxV_Q0yJo3eFnKDGUrq318EFhPWzkCK4EdSbAziaOUGNybs3-f83x4KhqmtTYSgtwHIxV5U58nsEdZAwTLVrIRJ_RSz81Jiw1x-ms-form-request-source: ms-formwebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/privacy?ownerTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&currentUserTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&isAnonymous=true HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq HTTP/1.1Host: cloudflare-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ipfs//bafkreihlmuj4dgrrfefwbk5jt5vcn5se5l536iv6ajk2twitojueluhote HTTP/1.1Host: eu.starton-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/admin/js/sc.php?r=ZW0sZW1haWwsYWRk HTTP/1.1Host: bbann.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.1.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cloudflare-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqqAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=laouNJpugs1ex0aFjluIi.bVlixoa1nlRCy9MUfY3Kc-1711472753-1.0.1.1-88CDVD3gxet2CYZEE6lJ1gcRmnu11y8mS0dC_ey3oCZPCZyMhguDbzjbzcaDxsBhN5y_0j1rnn4URNZEIS5tfw
Source: global traffic	HTTP traffic detected: GET /20240320.html HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4 HTTP/1.1Host: eu.starton-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cloudflare-ipfs.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/c1881e3.php HTTP/1.1Host: bbann.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/gmail.png HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png HTTP/1.1Host: cdn.glitch.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png HTTP/1.1Host: cdn.glitch.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png HTTP/1.1Host: cdn.glitch.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/admin/js/sc.php?r=ZW0sZW1haWwsYWRk HTTP/1.1Host: bbann.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/c1881e3.php HTTP/1.1Host: bbann.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=9c9m90iijkrebepf8lj413i3kl
Source: global traffic	HTTP traffic detected: GET /images/gmail.png HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: url.us.m.mimecastprotect.com

Source: unknown

HTTP traffic detected: POST /Pages/ResponsePage.aspx/GetResourceStrings HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CorrelationId: 5c029a49-9080-4e6b-808e-0b49aa1ffb9dX-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fsec-ch-ua-mobile: ?0formspro: enabledUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/json; charset=utf-8x-ms-form-request-source: ms-formwebsec-ch-ua-platform: "Windows"Accept: */*Origin: https://customervoice.microsoft.usSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:05:56 GMTContent-Type: text/plain;charset=UTF-8Content-Length: 14Connection: closeServer: cloudflareCF-RAY: 86a8ba750d303998-IADalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:06:00 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 86a8ba921c832d27-IAD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:06:04 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 86a8baabf8d920a8-IAD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:06:20 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 86a8bb0a2a63874e-IAD

Source: chromecache_147.5.dr	String found in binary or memory: http://amsul.ca
Source: chromecache_147.5.dr	String found in binary or memory: http://amsul.github.io/pickadate.js
Source: chromecache_147.5.dr	String found in binary or memory: http://amsul.github.io/pickadate.js/date.htm
Source: chromecache_152.5.dr	String found in binary or memory: http://api.jqueryui.com/category/ui-core/
Source: chromecache_185.5.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_185.5.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_152.5.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_152.5.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_184.5.dr, chromecache_137.5.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_136.5.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_194.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.cachegroup-nerve.min.js
Source: chromecache_196.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.1ds.323a60b.js.ma
Source: chromecache_153.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.638.3250f1d.js.ma
Source: chromecache_155.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.cvheadertheme.ce2
Source: chromecache_183.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.cvtitlerender.65b
Source: chromecache_144.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.postsubmit.b7eca1
Source: chromecache_168.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.quiz.6dc4e0a.js.m
Source: chromecache_156.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.utel.c1af5df.js.m
Source: chromecache_138.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.vendors.e0d6b00.j
Source: chromecache_152.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.min.js.map/72d2a4ad6536
Source: chromecache_139.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/telemetry-worker.1.js.map/2fc1de80443abf8
Source: chromecache_148.5.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Source: chromecache_182.5.dr, chromecache_131.5.dr	String found in binary or memory: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq
Source: chromecache_164.5.dr, chromecache_145.5.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_197.5.dr	String found in binary or memory: https://eu.starton-ipfs.com/ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4
Source: chromecache_161.5.dr	String found in binary or memory: https://eu.starton-ipfs.com/ipfs//bafkreihlmuj4dgrrfefwbk5jt5vcn5se5l536iv6ajk2twitojueluhote
Source: chromecache_136.5.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: chromecache_182.5.dr, chromecache_131.5.dr	String found in binary or memory: https://gcv.microsoft.us/wf1HuXWFXi
Source: chromecache_163.5.dr	String found in binary or memory: https://getbootstrap.com)
Source: chromecache_174.5.dr, chromecache_190.5.dr, chromecache_171.5.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_171.5.dr	String found in binary or memory: https://getbootstrap.com/docs/3.4/customize/)
Source: chromecache_147.5.dr	String found in binary or memory: https://github.com/SoapBox/linkifyjs
Source: chromecache_174.5.dr, chromecache_190.5.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_171.5.dr, chromecache_163.5.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_190.5.dr, chromecache_163.5.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_153.5.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_153.5.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_153.5.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_131.5.dr	String found in binary or memory: https://lists.gcc.osi.office365.us/Images/f8c813f9-acbb-4b18-bb10-10729643538d/1b5da865-0b25-4d96-82
Source: chromecache_182.5.dr, chromecache_131.5.dr	String found in binary or memory: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html
Source: chromecache_152.5.dr	String found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: chromecache_136.5.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_153.5.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_136.5.dr	String found in binary or memory: https://underscorejs.org
Source: chromecache_164.5.dr, chromecache_145.5.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49717 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@23/126@46/21

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5876 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5876 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: chromecache_171.5.dr

Binary or memory string: '}.ms-Icon--ConnectVirtualMachine::before{content:'

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
104.17.96.13	cloudflare-ipfs.com	United States	13335	CLOUDFLARENETUS	false
172.67.217.18	eu.starton-ipfs.com	United States	13335	CLOUDFLARENETUS	false
104.18.3.35	pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev	United States	13335	CLOUDFLARENETUS	false
13.107.246.40	part-0012.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.18.10.207	maxcdn.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
104.17.3.184	challenges.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
151.101.130.137	code.jquery.com	United States	54113	FASTLYUS	false
151.101.66.137	unknown	United States	54113	FASTLYUS	false
104.21.31.72	unknown	United States	13335	CLOUDFLARENETUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
172.67.175.66	bbann.com	United States	13335	CLOUDFLARENETUS	false
20.141.12.34	eafd-3p-profile.usgovtrafficmanager.net	United States	8070	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
207.211.31.113	url.us.m.mimecastprotect.com	United States	14135	NAVISITE-EAST-2US	false
52.127.240.65	osiusgcc-usge-teal-001.usgovvirginia.cloudapp.usgovcloudapi.net	United States	8070	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
18.165.98.33	cdn.glitch.me	United States	3	MIT-GATEWAYSUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.251.16.99	www.google.com	United States	15169	GOOGLEUS	false
18.165.98.15	unknown	United States	3	MIT-GATEWAYSUS	false
104.17.25.14	unknown	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16
192.168.2.9

Contacted Domains

Name	IP	Active
cdn.glitch.me	18.165.98.33	true
maxcdn.bootstrapcdn.com	104.18.10.207	true
cloudflare-ipfs.com	104.17.96.13	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
bbann.com	172.67.175.66	true
url.us.m.mimecastprotect.com	207.211.31.113	true
code.jquery.com	151.101.130.137	true
eafd-3p-profile.usgovtrafficmanager.net	20.141.12.34	true
cdnjs.cloudflare.com	104.17.24.14	true
challenges.cloudflare.com	104.17.3.184	true
osiusgcc-usge-teal-001.usgovvirginia.cloudapp.usgovcloudapi.net	52.127.240.65	true
www.google.com	142.251.16.99	true
part-0012.t-0009.t-msedge.net	13.107.246.40	true
eu.starton-ipfs.com	172.67.217.18	true
pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev	104.18.3.35	true
windowsupdatebg.s.llnwi.net	69.164.0.0	true
customervoice.microsoft.us	unknown	unknown
lists.gcc.osi.office365.us	unknown	unknown
gcv.microsoft.us	unknown	unknown
cdn.glitch.global	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png	false		high
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.1ds.323a60b.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/cdn/scripts/dists/telemetry-worker.1.js	false	Avira URL Cloud: safe	unknown
https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/favicon.ico	false	Avira URL Cloud: safe	unknown
https://code.jquery.com/jquery-3.2.1.slim.min.js	false		high
https://gcv.microsoft.us/wf1HuXWFXi	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/Pages/ResponsePage.aspx/GetResourceStrings	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js	false		high
https://customervoice.microsoft.us/formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.postsubmit.b7eca17.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://cloudflare-ipfs.com/favicon.ico	false	Avira URL Cloud: phishing	unknown
https://customervoice.microsoft.us/Scripts/dists/ls-pro.en-us.18e0edc91.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	false		unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.quiz.6dc4e0a.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/FormsPro/Scripts/Vendors/combined/basics_osi_v5_j3_3997ff6.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u	false		unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.638.3250f1d.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://bbann.com/wet85/admin/js/sc.php?r=ZW0sZW1haWwsYWRk	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.cvheadertheme.ce22c68.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js	false		high
https://customervoice.microsoft.us/css/dist/cv-response-page.min.css?v=b3c1eb4c85&ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css	false		high
https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	true		unknown
https://customervoice.microsoft.us/FormsPro/Scripts/Vendors/combined/response_v2_5234a19.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://code.jquery.com/jquery-3.1.1.min.js	false		high
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.utel.c1af5df.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback	false		high
https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/images/gmail.png	false	Avira URL Cloud: safe	unknown
https://eu.starton-ipfs.com/ipfs//bafkreihlmuj4dgrrfefwbk5jt5vcn5se5l536iv6ajk2twitojueluhote	false	Avira URL Cloud: safe	unknown
https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	false		high
https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png	false		high
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.cvtitlerender.65b951b.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.cachegroup-nerve.min.js?v=b3c1eb4c85&ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://eu.starton-ipfs.com/ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4	false	Avira URL Cloud: phishing	unknown
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	false		high
https://customervoice.microsoft.us/formapi/api/privacy?ownerTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&currentUserTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&isAnonymous=true	false	Avira URL Cloud: safe	unknown
https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png	false		high
https://bbann.com/wet85/c1881e3.php	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/FormsPro/Images/CustomerVoice/CustomerVoice.ico	false	Avira URL Cloud: safe	unknown
https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us	false		unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.min.js?v=b3c1eb4c85&ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://customervoice.microsoft.us/Scripts/dists/response-page-pro.chunk.vendors.e0d6b00.js?ring=UsGovGccProduction	false	Avira URL Cloud: safe	unknown
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js	false		high
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css	false		high

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 13:05:16 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide	0B196859CF3E63AD811CD354E40C412C	36FCA37BD805594897F5A65302836F70FF0A8B25	860626106B37C0D8785F60A4DEF5BC105A154EA88B50FF701F4FA74170AD4B1C
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 13:05:16 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide	57AD2BBFD21EB998319A0C08BC024629	ADEE9E6B05A0E9D8DA3FA340889D2E11895CEF6A	1087E6D5D1A9723A6E0A5ED05AFF8BF65F8E956FE9F5FD5F99C9D0CC183DFAB2
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Thu Oct 5 07:56:51 2023, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide	29B085DC37D338BC434230AAA7888FCA	191C3664C37181329069B07FAB557458549E7405	E304DB0FF64AB48E8259A49FD8D6F600003F5B3CDC6EC80FCFD02510B186DC69
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 13:05:16 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide	8A07A0211A17A6002FC887894703F6BD	390804EA71B42019BFADED313ACBEA5A718A3EAE	186433B5FF1690C6410A8EABA3995D312401C0903F171D8D60D8AFEDDA8DE88E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 13:05:16 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide	B5F2A55CD85C568E845B2CD57331C11E	9AA833E4A214C3649D7BE8CBD3D527E7F9FB9C09	36F7DAEC87C5EEA0F259D38D73591B79205D7BD933E80DFDC7BC1866ED2E7B67
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Tue Mar 26 13:05:16 2024, atime=Wed Sep 27 08:36:55 2023, length=1210144, window=hide	FABBAF8DC368B90C4D49810078FC9C7D	31CA18C9D444CDC3BA1B03B7FC901E779D400276	3EBFB075AEB08C2CBA08F307602D7F898B0D6D773FEAEC9180F83C5290FE103A
Chrome Cache Entry: 131	JSON data	28E70D7DDCB873A9845C7A75EB0FF073	A6CCFCACEC5CD7C26C61DE2DE051ECEE7ACAD12E	F29AE1F724EE8403F8D39186CE3FA103D770FE1BE0E502EC73C777C838173805
Chrome Cache Entry: 132	PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced	A5CDADD60382E9AE6228121542EB1C2A	CEC15F6470D0237569E931D7D11752B41AC5D8A3	71E729939E175F4AE9D3FCC645D6B7389EC341A47A84950E047197331FDC22F1
Chrome Cache Entry: 133	PNG image data, 228 x 66, 8-bit/color RGBA, non-interlaced	0D84B997C50F7F9015C532A44E945A83	DF610B8C49FB0CA12E50E5306582CD4007FFF6F6	B1996199151427B4600EAEC6389A0259A582E954C45B2B6B8220A4B2C0E02134
Chrome Cache Entry: 134	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	EE2B357FA5FBA69AF238168E3A1A27E1	B5DD4606BEDBF1D705A01F833802248E03D01518	0FD813BAE48835570858A2508D9C29900B8A4CDDEBFF4A250E79AD12F8ACBDCB
Chrome Cache Entry: 135	PNG image data, 228 x 66, 8-bit/color RGBA, non-interlaced	0D84B997C50F7F9015C532A44E945A83	DF610B8C49FB0CA12E50E5306582CD4007FFF6F6	B1996199151427B4600EAEC6389A0259A582E954C45B2B6B8220A4B2C0E02134
Chrome Cache Entry: 136	ASCII text, with very long lines (47421), with CRLF line terminators	6E9386843C22345A256F324692D627F2	FEF7FADB3A27032695AAB726682A340D583BFC51	D40E9F33813211AA5DFABEEBF4A1571D488E56878954DE4D513A25B3525B3988
Chrome Cache Entry: 137	ASCII text, with very long lines (21084)	84415B7368FD6FC764CBE86039CE0626	62F238E73348C77EB9E865426A7D1B7DE23CBB2D	C776195AD46333C6C9A9FE3C74502FFEA9A02FAF122388EA3567922CC65A3060
Chrome Cache Entry: 138	ASCII text, with very long lines (65536), with no line terminators	4D5CEEE45615E16FF9E5B59F07F06782	0117F6F4AAE69E34983830D95B99D240778EE2F0	6FADE40437BEBEE439457D5683A1F6EAD708562697E7AD2F0C7A2148BC73F34E
Chrome Cache Entry: 139	ASCII text, with very long lines (58457)	62D1545FCE12E0397582E4D900A89EFD	D4B3BE160044C01E25B12F76973760386CEE2CA2	8C677EE4A629FA0473A019BBA10B46E8BE2FD926705E2649BC743BD97839C57C
Chrome Cache Entry: 140	PNG image data, 180 x 47, 8-bit/color RGBA, non-interlaced	82FFA6DF2743EE8A685F21989D166F00	27756A01363396965B4A8B952CC6DB51A7235125	798CE083F1CD84BE3DDBBA0F6CBFF55D9F7ADA668E74D6FFDC53A421DE461A92
Chrome Cache Entry: 141	ASCII text, with very long lines (65451)	DC5E7F18C8D36AC1D3D4753A87C98D0A	C8E1C8B386DC5B7A9184C763C88D19A346EB3342	F7F6A5894F1D19DDAD6FA392B2ECE2C5E578CBF7DA4EA805B6885EB6985B6E3D
Chrome Cache Entry: 142	ASCII text, with very long lines (32012)	5F48FC77CAC90C4778FA24EC9C57F37D	9E89D1515BC4C371B86F4CB1002FD8E377C1829F	9365920887B11B33A3DC4BA28A0F93951F200341263E3B9CEFD384798E4BE398
Chrome Cache Entry: 143	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced	A3CDFEAF028CF60D90337CE4BB1B632F	44F084707B89B3A999B9A58C06E872AC6CA909D3	2F128C34E99F47C352178964FC87AF68352B7395984D68313BBA7A5B2647ABAA
Chrome Cache Entry: 144	ASCII text, with very long lines (65536), with no line terminators	DA69DB81907CC110600C8989D38BB9D5	1CA81D11BCF858BC2774FD6C5414D83F06618406	1D95A437A2BF9545D8B862A9C7CF8E8B9A38D6520258BCBED8BE63EB54455689
Chrome Cache Entry: 145	HTML document, ASCII text, with very long lines (611)	DF3D48946E8D3F5A83608308EDBB4B86	47B9C40C97ABF2658DF96B1C06109324E15E1A00	570A6631252B8A52DF4DE0E953AE77DBDF524DFC3637CDA2840494A0D2B49499
Chrome Cache Entry: 146	ASCII text, with no line terminators	4C42AB4890733A2B01B1B3269C4855E7	5B68BFE664DCBC629042EA45C23954EEF1A9F698	F69E8FC1414A82F108CFA0725E5211AF1865A9CEA342A5F01E6B2B5ABE47E010
Chrome Cache Entry: 147	Unicode text, UTF-8 text, with very long lines (19569), with CRLF line terminators	162890ADA98A5DEF6640BBE57DA52EB9	06A3D551F9718164171E7517F18577B73F13B390	DA599489D3F86D69769A1D310A5E59838D7E72EAD0BCFE94851D0084318FCDC2
Chrome Cache Entry: 148	ASCII text, with CRLF line terminators	13FFB389E872859EDF3ECA8672B0B126	B9B39AF4708C237109C85FB17FD21666F3945EB3	3DCB32BF8B04D41FCFBB09F9E487EF2DBBDDEF2498A383449429A435589AB636
Chrome Cache Entry: 149	JSON data	522D63343781A56FFC9B3DC11A2090A3	CC23BA71DAA3B9605AE3C5BC862CBB79F96FF94F	C1DEF338C7A0564F5BC0FA7AB87D5366B49372A2EBDA4E2550269D783836C270
Chrome Cache Entry: 150	PNG image data, 180 x 47, 8-bit/color RGBA, non-interlaced	82FFA6DF2743EE8A685F21989D166F00	27756A01363396965B4A8B952CC6DB51A7235125	798CE083F1CD84BE3DDBBA0F6CBFF55D9F7ADA668E74D6FFDC53A421DE461A92
Chrome Cache Entry: 151	PNG image data, 288 x 193, 8-bit/color RGBA, non-interlaced	9E32794DCCE4C8D6A5A5D8F8C3B797B0	092010AD30F983C9043DA6C67ECB9F773C9A13F6	A55261CB30089B1C1EFAAF86E90BB81683D0C875B9D669E0B8939C449C2E858C
Chrome Cache Entry: 152	Unicode text, UTF-8 text, with very long lines (40515)	0C6F020C2EAAA68CA998AA158720EDFD	C5582182A53E63DD95F2B3AA2BE10D37F86078A7	A61962B6B38FBF8A4806E6F476F800520C2D0D184983D226511D180E173FBDEF
Chrome Cache Entry: 153	Unicode text, UTF-8 text, with very long lines (60976)	2F5D48A71CBEE9ABABF1C9B78B8FD892	65141885EE4988A9006E2D8583DBE2EB7DA2AC84	629F4CC6CEA0E185B7315CDAAF59192A34C2F4AC122396C3CCAAC6A2B6A9E0E0
Chrome Cache Entry: 154	JSON data	AF469AC6ABAAF7DA1ACC59F7292E6671	75ACAD50ED8287D26D5EA2C7380B09B6095DA453	AC8EA734A33366EF42F62398D95B4A9D912043522CF945405FD691F7AA342FED
Chrome Cache Entry: 155	ASCII text, with very long lines (23932)	955B3780D94E04954A81D2BACA687D35	B3F3234B6BEB96B1B5E1AD69FA22CE398220D715	9382E22FD7683906612A6416A12ECB81B1318B03CBB3A3E009A5A49687155B81
Chrome Cache Entry: 156	ASCII text, with very long lines (29782)	C84F161AC3232BC00553A19A9043D7A2	7487D80415B1E1EBE3B1454CE6B8EAC1701E4550	E0362CF9EE3665EA471A69CF31D723630899D6CF8F0A907655B32578C690262D
Chrome Cache Entry: 157	PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced	6843A244E12FAB158AA189680B5E7049	0E1C691F87CC4FA35C88344974F2829C40176B70	3A9B144D6482B78AFC4E0A940A1D3C22240F14FA535B808CF4DAB9635339569F
Chrome Cache Entry: 158	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250	21B761F2B1FD37F587D7222023B09276	F7A416C8907424F9A9644753E3A93D4D63AE640E	72D4161C18A46D85C5566273567F791976431EFEF49510A0E3DD76FEC92D9393
Chrome Cache Entry: 159	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	EE2B357FA5FBA69AF238168E3A1A27E1	B5DD4606BEDBF1D705A01F833802248E03D01518	0FD813BAE48835570858A2508D9C29900B8A4CDDEBFF4A250E79AD12F8ACBDCB
Chrome Cache Entry: 160	ASCII text, with very long lines (32030)	E071ABDA8FE61194711CFC2AB99FE104	F647A6D37DC4CA055CED3CF64BBC1F490070ACBA	85556761A8800D14CED8FCD41A6B8B26BF012D44A318866C0D81A62092EFD9BF
Chrome Cache Entry: 161	HTML document, ASCII text, with no line terminators	1AF82977CCBFFC7D9024B360292E44BD	A454DC438A691513F1D4F83F2146128A7888A735	6FF5655E601A4652ECC067803F92D2271AD99A7D29BC6871BE513A8F268C76D1
Chrome Cache Entry: 162	JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 295x154, components 3	92F2036BE041F3C4822DB064E1CFC830	586224B606E79B4C9FE574B1E6C7619B08E98601	4C2A8A33CE64290F1DC12258536A889843E8B1C245A2183CA51A6CE5AFCADA41
Chrome Cache Entry: 163	ASCII text, with very long lines (48664)	14D449EB8876FA55E1EF3C2CC52B0C17	A9545831803B1359CFEED47E3B4D6BAE68E40E99	E7ED36CEEE5450B4243BBC35188AFABDFB4280C7C57597001DE0ED167299B01B
Chrome Cache Entry: 164	HTML document, ASCII text, with very long lines (611)	DF3D48946E8D3F5A83608308EDBB4B86	47B9C40C97ABF2658DF96B1C06109324E15E1A00	570A6631252B8A52DF4DE0E953AE77DBDF524DFC3637CDA2840494A0D2B49499
Chrome Cache Entry: 165	PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced	6843A244E12FAB158AA189680B5E7049	0E1C691F87CC4FA35C88344974F2829C40176B70	3A9B144D6482B78AFC4E0A940A1D3C22240F14FA535B808CF4DAB9635339569F
Chrome Cache Entry: 166	ASCII text, with very long lines (32065)	2F6B11A7E914718E0290410E85366FE9	69BB69E25CA7D5EF0935317584E6153F3FD9A88C	05B85D96F41FFF14D8F608DAD03AB71E2C1017C2DA0914D7C59291BAD7A54F8E
Chrome Cache Entry: 167	PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced	A3CDFEAF028CF60D90337CE4BB1B632F	44F084707B89B3A999B9A58C06E872AC6CA909D3	2F128C34E99F47C352178964FC87AF68352B7395984D68313BBA7A5B2647ABAA
Chrome Cache Entry: 168	ASCII text, with very long lines (2530)	1D91B187A32745D330A2077FDADD872B	055D7BB0CF69E295C06346221B784359FA9199E2	2453F3D239A982DCF75B5DFA55261BC8BF77D04591F331847784AC4982E62F7E
Chrome Cache Entry: 169	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 170	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 250	21B761F2B1FD37F587D7222023B09276	F7A416C8907424F9A9644753E3A93D4D63AE640E	72D4161C18A46D85C5566273567F791976431EFEF49510A0E3DD76FEC92D9393
Chrome Cache Entry: 171	Unicode text, UTF-8 text, with very long lines (64954), with CRLF line terminators	416B512C6FF81B7E3BD675E455905146	9F96EE2E55FDBED40B31BE7C24A97008A044404B	C400728CA705268C42BAFCADB6FD5E3AEA844F950E145C6F7E835D08E4C22259
Chrome Cache Entry: 172	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 173	PNG image data, 330 x 330, 8-bit/color RGBA, non-interlaced	BEB949471F269B1663C6F471F03B2212	C10F57DE17B1089D51803F0CF0100736187C5E00	FF0F6F5354A28803CF4BCD84DFA637D100482B78B2B34DF098220F3D43D20C19
Chrome Cache Entry: 174	ASCII text, with very long lines (65326)	816AF0EDDD3B4822C2756227C7E7B7EE	C470239D4C7DB36D56DC3A74A080C62218C6EDC4	5B0FBE5B7AD705F6A937C4998AD02F73D8F0D976FE231B74AEF0EC996990C93A
Chrome Cache Entry: 175	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2905	5C7ACF60A2ACAA5C54BF2B2EC6D484D8	F1837FD5DB6DAD498148D7D77438DE693114B042	EE21196A4F5EF64135B7998E58F1E7210608674E3FDF97B328C1C237E3B184DB
Chrome Cache Entry: 176	JSON data	AF469AC6ABAAF7DA1ACC59F7292E6671	75ACAD50ED8287D26D5EA2C7380B09B6095DA453	AC8EA734A33366EF42F62398D95B4A9D912043522CF945405FD691F7AA342FED
Chrome Cache Entry: 177	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 2905	5C7ACF60A2ACAA5C54BF2B2EC6D484D8	F1837FD5DB6DAD498148D7D77438DE693114B042	EE21196A4F5EF64135B7998E58F1E7210608674E3FDF97B328C1C237E3B184DB
Chrome Cache Entry: 178	JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 295x154, components 3	92F2036BE041F3C4822DB064E1CFC830	586224B606E79B4C9FE574B1E6C7619B08E98601	4C2A8A33CE64290F1DC12258536A889843E8B1C245A2183CA51A6CE5AFCADA41
Chrome Cache Entry: 179	ASCII text, with very long lines (47992), with no line terminators	CF3402D7483B127DED4069D651EA4A22	BDE186152457CACF9C35477B5BDDA5BCB56B1F45	EAB5D90A71736F267AF39FDF32CAA8C71673FD06703279B01E0F92B0D7BE0BFC
Chrome Cache Entry: 180	ASCII text	66380F8464CDF16AB2B431AF6B8ED50C	01577CFE3691533840EE4511085E01ACF40E7C57	EB6513C19A31290B60ABA99F6A26F644EAFBBF22BE0255A9D913726845D0EE99
Chrome Cache Entry: 181	ASCII text, with very long lines (39928)	7F3FE50B0F2AD92528FF217C1B608B27	54FC4814C739C7142EF4A5B562140EE764BCBDFC	D2E584D67A5B1A868363ED5E83A72EA6BC2CAD8A052F64583D0FE95E7FA36E97
Chrome Cache Entry: 182	JSON data	28E70D7DDCB873A9845C7A75EB0FF073	A6CCFCACEC5CD7C26C61DE2DE051ECEE7ACAD12E	F29AE1F724EE8403F8D39186CE3FA103D770FE1BE0E502EC73C777C838173805
Chrome Cache Entry: 183	ASCII text, with very long lines (14182)	39FE53EB9274BE422813B6756D3951E8	5E7E1AA6347DD66A7B52BB3AC94EC50BB0BEC9E5	E91EBC90763C7B778FC6FD26FC0524D9D8584DE71A1A6E2ABB6D54492D3472D8
Chrome Cache Entry: 184	ASCII text, with very long lines (19015)	70D3FDA195602FE8B75E0097EED74DDE	C3B977AA4B8DFB69D651E07015031D385DED964B	A52F7AA54D7BCAAFA056EE0A050262DFC5694AE28DEE8B4CAC3429AF37FF0D66
Chrome Cache Entry: 185	troff or preprocessor input, ASCII text, with very long lines (372)	C495654869785BC3DF60216616814AD1	0140952C64E3F2B74EF64E050F2FE86EAB6624C8	36E0A7E08BEE65774168528938072C536437669C1B7458AC77976EC788E4439C
Chrome Cache Entry: 186	ASCII text	3705A706C0BD30629EB61A386247798A	8B711E18272CB980BC4BA26D6CD49FA566A423C8	6780CCBE88D94C323426BE9B2F010A00871EC5D25F60AB421BFFF15475FC7E5F
Chrome Cache Entry: 187	PNG image data, 186 x 125, 8-bit/color RGBA, non-interlaced	B4CA3D7E78ECA1A8BF4C17342A3D912E	286C34C96903FB166DCA1A8348E512A3D1C02AFF	2E7A35E40335DAD9749A65939F5820870710161B9715847E348FFEBCC259BFDA
Chrome Cache Entry: 188	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390	9D372E951D45A26EDE2DC8B417AAE4F8	84F97A777B6C33E2947E6D0BD2BFCFFEC601785A	4E9C9141705E9A4D83514CEE332148E1E92126376D049DAED9079252FA9F9212
Chrome Cache Entry: 189	PNG image data, 288 x 193, 8-bit/color RGBA, non-interlaced	9E32794DCCE4C8D6A5A5D8F8C3B797B0	092010AD30F983C9043DA6C67ECB9F773C9A13F6	A55261CB30089B1C1EFAAF86E90BB81683D0C875B9D669E0B8939C449C2E858C
Chrome Cache Entry: 190	ASCII text, with very long lines (59765)	02D223393E00C273EFDCB1ADE8F4F8B1	0CC93B8421D89C24A889642428B363CB831DE78A	79C599DD760CEC0C1621A1AF49D9A2A49DA5D45E1B37D4575BACE0A5E0226582
Chrome Cache Entry: 191	PNG image data, 186 x 125, 8-bit/color RGBA, non-interlaced	B4CA3D7E78ECA1A8BF4C17342A3D912E	286C34C96903FB166DCA1A8348E512A3D1C02AFF	2E7A35E40335DAD9749A65939F5820870710161B9715847E348FFEBCC259BFDA
Chrome Cache Entry: 192	ASCII text, with no line terminators	D0FBDA9855D118740F1105334305C126	BC3023B36063A7681DB24681472B54FA11F0D4EC	A469AB4CA4E55BF547566E9EBFA1B809C933207E9D558156BC0C4252B17533FE
Chrome Cache Entry: 193	PNG image data, 330 x 330, 8-bit/color RGBA, non-interlaced	BEB949471F269B1663C6F471F03B2212	C10F57DE17B1089D51803F0CF0100736187C5E00	FF0F6F5354A28803CF4BCD84DFA637D100482B78B2B34DF098220F3D43D20C19
Chrome Cache Entry: 194	ASCII text, with very long lines (63096)	2F2B6883DF506FA11029D1E46167C453	B0F9C2613CC01C3EE9B10F12E298CC815D149A05	9FFB74A4DFB18D0DD5132133F104C008A15540DA87EF94A41F7B4C542D7F03C5
Chrome Cache Entry: 195	PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced	A5CDADD60382E9AE6228121542EB1C2A	CEC15F6470D0237569E931D7D11752B41AC5D8A3	71E729939E175F4AE9D3FCC645D6B7389EC341A47A84950E047197331FDC22F1
Chrome Cache Entry: 196	ASCII text, with very long lines (47337)	0627D9EF086A17447095E99090FD9AFA	584B355FA3F176BF0658A87C6267D0B95F3CA34A	B2A2FBED29B3EE7A0BE695ADC0A7C45C7EFAE9F958030D77E0944A9C9C7672D2
Chrome Cache Entry: 197	HTML document, ASCII text, with no line terminators	1BBFDCE53A394FC80469F872D9F1EBFE	3D5C34D8C64CD8A9809CACC77579F24B93DBE899	DE7FC1D12DD92A4BB7756631186FFE016ED9E6C5FF86390F3352B8A3AE604E4B
Chrome Cache Entry: 198	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 7390	9D372E951D45A26EDE2DC8B417AAE4F8	84F97A777B6C33E2947E6D0BD2BFCFFEC601785A	4E9C9141705E9A4D83514CEE332148E1E92126376D049DAED9079252FA9F9212
Chrome Cache Entry: 199	JSON data	522D63343781A56FFC9B3DC11A2090A3	CC23BA71DAA3B9605AE3C5BC862CBB79F96FF94F	C1DEF338C7A0564F5BC0FA7AB87D5366B49372A2EBDA4E2550269D783836C270

AV Detection

Antivirus detection for URL or domain

Source: https://cloudflare-ipfs.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://eu.starton-ipfs.com/ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4	Avira URL Cloud: Label: phishing

Phishing

Phishing site detected (based on favicon image match)

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

Matcher: Template: microsoft matched with high similarity

Yara detected HtmlPhish10

Source: Yara match	File source: 1.5.pages.csv, type: HTML
Source: Yara match	File source: 1.4.pages.csv, type: HTML
Source: Yara match	File source: 1.6.pages.csv, type: HTML

Phishing site detected (based on image similarity)

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site or detected (based on various text indicators)

Source: Chrome DOM: 2.3

HTML body contains low number of good links

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: Number of links: 0
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: Number of links: 0

HTML body contains password input but no form action

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: <input type="password" .../> found but no <form action="...

HTML body with high number of embedded images detected

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

HTTP Parser: Total embedded image size: 31111

HTML page contains hidden URLs or javascript code

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

HTTP Parser: Base64 decoded: https://bbann.com/wet85/c1881e3.php

HTML title does not match URL

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: Title: Sign in to Best Productivity Provider! does not match URL
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: Title: Adobe&Businessing does not match URL

Invalid 'forgot password' link found

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq

HTTP Parser: Invalid link: Forgot my password

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: <input type="password" .../> found
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: <input type="password" .../> found

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No favicon
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: No favicon

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="author".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="author".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="author".. found
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: No <meta name="author".. found

Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="copyright".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="copyright".. found
Source: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq	HTTP Parser: No <meta name="copyright".. found
Source: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.206.229.209:443 -> 192.168.2.9:49721 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49717 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.206.229.209:443 -> 192.168.2.9:49721 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 23.221.242.90
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.11
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	TCP traffic detected without corresponding DNS query: 23.206.229.209
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us HTTP/1.1Host: url.us.m.mimecastprotect.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /r/5Y9qj2ovODYJg8Nk8LachRrb55aIABvFf6WSMfRL0JEX1GBfHGz6Wz7IMWeV3hL0f4yiiLEyLFy6Qcax7xNf_crmekKRuEvZ5Vp9WPLoA3YxLZtVbzY2qxdrNPtBUgG2RXtpcyQSjLOVJvhdxYe9W8huUOPt-OVz9xqsK6u2deT4iP5s9WP97dHUExvPfseFPrCTqf8uaGZ-xfXk3-epY3LdHOgOXBL8LBoHL6QEQ4FTBfpUgr2Os4JdGC798XjWS4dxdYVeZvzIEUYuh9RP3V1XP9wMtgdjqZNwKGqTChuXgfRMNmgwj_ei6SnwQvD4arXViH_JQaLGFLMkcupBMN8_tiDj0iSN828l4HujYFAcoXVzx-DktUf9Sxn0_axQl8eSdHlKyIUn8yKqhub3h4-wCXe7sLiVhvly-C5Gc7W4EINvscxZjpsL8Jw9BIlNfovsvZIOf9IcLpvPeFjos0m-bm9BwdL6ggAVTQo3DljDzwp7JAfPHDoer4w8mkqoDhr6uhizCsTR8S6_zrlQpgefCMI7Hns11ZKBixXginyE1G2R1DXWJGx5D5p_gAUGdTJUjKogbDmo86PN7uy_N-GcBizh146Hv1pQFFnIjCe3YUsagUJhdVUqhQqFjJQ9DX0dNTlFY6DO_dGP7Bs8TMLpd5l3Qipz7D2wYlZcRfGtoAiMGavKXxXcNlFFLMnIujSPA3IcVlM7_Oyu-wEUn98bX-tSzlj1crTrKCkgsQCzqvB4aGZSeSI3IQP0WdDowYf4N8niE6SjKIPsBovy8SPXKb9uGmZr1l5Hx0z1DObRrbqpYJ0g5fRBgtSEShwce3xdGak9aj635HL11owI-a8RqLIh3X1o9LOXFrLBZACM8nGx4SIN9vd-D7L3mGNuVorpbLWGTGB_E7V8z-_6p2A8MGPW0gml6gLvfcBI3vszhMhIm6jmdWXDa9woaIRrg-a9aJnPmE6OZxbhC5FqBgsgEJ6HuuxsLIEDCXFFXQU_WmmxF021ejMxWDXUmGA5sPkig2392sqrFCK1K1BtRmCl4zH8hVICzr5QR2Z4XU_3jjp_ddoZub9s04sheoNO2EgEyLX8NsnOU7ezzp8QWzCbDa6FcvprNV_u8pt7WdMLe0DTZPpMy7AJuoKmcmckS4KE0c0gLBapy5WM9q3K9D9gCUmIME2KkML9IW921AUUXsRf1pjUiNLqKnOs0slR5aEVCMHKsZtG2di8x2-1z0EyLSCNPRDUa1Las-5tQ04bG6rWQMma1UDln95kfmaIzyLPRYTTP2UhcMO1ngaYPUBFCg8ToFajmHfnAdkJbahEtOggPwamgBK0zCybCe7CswiYcYq8mEC98NdUN0YlJxb3BqywgwPXmB66MEGJ4WlIoYZYHv3c6RxPtVarpZ0pgxHJhcc3E73yavorxZly7qjui0ePSIL4qQUYKMJJs_HlrL6bj8YgAxR7PWQfqMN7OTe5QeoIRb174gZnUJAjWVtXaW8erMn6oOItO9bfGuKysU7S0V7v0vGZ0X4WPaQ2MZTeB5ALNcmu0UJYiGwZGQk8ycQsL2mS5hmlEVBLloLZvSPdGSbwUDY4cgC8Qw-MvrXjo7qLi4pUN8zhUR0_F9-Q46hpYd7JJOpm18a0BdjN4Hreh4wols08pGIx9akb5azeZbG5MHcjRSPXESNCYixFZ45_1a28XsCEpKFMJqKX5VYUVVMIaNnO79EZ1ky4ioqW_tZQTTFsgNsS2dCn_pgDQzM0EZ0wwHiEJGp8dbeBNR8f3jdrnKRCgDpTIdObOLywWNp6IPNreO1eOim4I35d-n9S0upmpUeo759AaJ7C5uLVxWEABcbbY_7vekcBMk6o0027GJ0SLs76YLXaWquhlIiIM2t0KAGG-D7XteGhzL_-6eYlERP2qcqHc3hd2NnIc39QMSHlq7z3DIzITMUJ1mvPKRVKYr9tySVSl3o4Kc-156AK2CrlObDYeIYHD0LzBAOvTJ2ZYcqfM5Tcs-bI4KwFkwYOTq3egAaNzMCu2rxiv4DGT5SUTYs9c6WPuVzD4ZIDX4jw-AfrBCLiwfAsTECufkYBmc8yDVADGfA7LcyXYeIBkxyPOLiVtDxInvft7-VgXg5CGxq6WuY78bZpSqGjSp_0YJ_IboRqF8Io1XVvpXSNri9uOGCL4tkgQDZjcGzofBVkzs9CbiwMDKWE5CDo7L_h7l04BcBorKQ87KdgopfOUS9I0rNrQ675W75pQ11pG-r5snFTeA5T0gFBGZeayDFhxkLtPHYntZyr5kQJLTg5V87xUOJh0UMP HTTP/1.1Host: url.us.m.mimecastprotect.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /wf1HuXWFXi HTTP/1.1Host: gcv.microsoft.usConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/dist/cv-response-page.min.css?v=b3c1eb4c85&ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/ls-pro.en-us.18e0edc91.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Scripts/Vendors/combined/basics_osi_v5_j3_3997ff6.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Scripts/Vendors/combined/response_v2_5234a19.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.cachegroup-nerve.min.js?v=b3c1eb4c85&ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.min.js?v=b3c1eb4c85&ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://customervoice.microsoft.ussec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$expand=questions($expand=choices) HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fx-ms-form-request-ring: formsprogccsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/json__RequestVerificationToken: PF04Emzlw4rNxV_Q0yJo3eFnKDGUrq318EFhPWzkCK4EdSbAziaOUGNybs3-f83x4KhqmtTYSgtwHIxV5U58nsEdZAwTLVrIRJ_RSz81Jiw1sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.1ds.323a60b.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.utel.c1af5df.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.postsubmit.b7eca17.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.quiz.6dc4e0a.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$expand=questions($expand=choices) HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.638.3250f1d.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.vendors.e0d6b00.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Pages/ResponsePage.aspx/GetResourceStrings HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CorrelationId: 28d2eb97-da97-41bc-acbb-8070e17e33b6X-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fx-ms-form-request-ring: formsprogccsec-ch-ua-mobile: ?0Authorization: OData-MaxVersion: 4.0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: application/jsonContextParams: __RequestVerificationToken: PF04Emzlw4rNxV_Q0yJo3eFnKDGUrq318EFhPWzkCK4EdSbAziaOUGNybs3-f83x4KhqmtTYSgtwHIxV5U58nsEdZAwTLVrIRJ_RSz81Jiw1x-ms-form-request-source: ms-formwebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /cdn/scripts/dists/telemetry-worker.1.js HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Images/CustomerVoice/CustomerVoice.ico HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.cvheadertheme.ce22c68.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/f8c813f9-acbb-4b18-bb10-10729643538d/users/1b5da865-0b25-4d96-82dc-8362c1f0a3f3/light/runtimeForms('-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4u')?$select=id,customCssFileName,customCSSInLineHeaderToggle,footerText HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /Scripts/dists/response-page-pro.chunk.cvtitlerender.65b951b.js?ring=UsGovGccProduction HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /FormsPro/Images/CustomerVoice/CustomerVoice.ico HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/privacy?ownerTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&currentUserTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&isAnonymous=true HTTP/1.1Host: customervoice.microsoft.usConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"X-CorrelationId: c8f9e327-091c-4fc6-9b94-f6d8380c6309X-UserSessionId: d5686666-7cc1-47a0-a2e0-4a937b74a29fx-ms-form-request-ring: formsprogccsec-ch-ua-mobile: ?0Authorization: OData-MaxVersion: 4.0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: application/jsonContextParams: __RequestVerificationToken: PF04Emzlw4rNxV_Q0yJo3eFnKDGUrq318EFhPWzkCK4EdSbAziaOUGNybs3-f83x4KhqmtTYSgtwHIxV5U58nsEdZAwTLVrIRJ_RSz81Jiw1x-ms-form-request-source: ms-formwebsec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://customervoice.microsoft.us/Pages/ResponsePage.aspx?id=-RPI-LusGEu7EBBylkNTjWWoXRslC5ZNgtyDYsHwo_NUQjZXWldIOE5OQ09NQUVRWUlERUE1SVYwTC4uAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /formapi/api/privacy?ownerTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&currentUserTenantId=f8c813f9-acbb-4b18-bb10-10729643538d&isAnonymous=true HTTP/1.1Host: customervoice.microsoft.usConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=IeOeu1BJTUEg2D2Ri1CE1ekq6k_OU-3SHTZFM6NfUiCdgb-Aj6SNan6HaYjsKOPN0MQ9yk9ae6jtHNTErTzMhfqtR79vliFqmI6_CYl1FsU1
Source: global traffic	HTTP traffic detected: GET /ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq HTTP/1.1Host: cloudflare-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ipfs//bafkreihlmuj4dgrrfefwbk5jt5vcn5se5l536iv6ajk2twitojueluhote HTTP/1.1Host: eu.starton-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/admin/js/sc.php?r=ZW0sZW1haWwsYWRk HTTP/1.1Host: bbann.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.1.1.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: cloudflare-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqqAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __cf_bm=laouNJpugs1ex0aFjluIi.bVlixoa1nlRCy9MUfY3Kc-1711472753-1.0.1.1-88CDVD3gxet2CYZEE6lJ1gcRmnu11y8mS0dC_ey3oCZPCZyMhguDbzjbzcaDxsBhN5y_0j1rnn4URNZEIS5tfw
Source: global traffic	HTTP traffic detected: GET /20240320.html HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4 HTTP/1.1Host: eu.starton-ipfs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://cloudflare-ipfs.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/c1881e3.php HTTP/1.1Host: bbann.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/gmail.png HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png HTTP/1.1Host: cdn.glitch.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png HTTP/1.1Host: cdn.glitch.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png HTTP/1.1Host: cdn.glitch.meConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png HTTP/1.1Host: cdn.glitch.meConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/admin/js/sc.php?r=ZW0sZW1haWwsYWRk HTTP/1.1Host: bbann.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloudflare-ipfs.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wet85/c1881e3.php HTTP/1.1Host: bbann.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=9c9m90iijkrebepf8lj413i3kl
Source: global traffic	HTTP traffic detected: GET /images/gmail.png HTTP/1.1Host: pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: url.us.m.mimecastprotect.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:05:56 GMTContent-Type: text/plain;charset=UTF-8Content-Length: 14Connection: closeServer: cloudflareCF-RAY: 86a8ba750d303998-IADalt-svc: h3=":443"; ma=86400
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:06:00 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 86a8ba921c832d27-IAD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:06:04 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 86a8baabf8d920a8-IAD
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 26 Mar 2024 17:06:20 GMTContent-Type: text/htmlContent-Length: 27242Connection: closeServer: cloudflareCF-RAY: 86a8bb0a2a63874e-IAD

Source: chromecache_147.5.dr	String found in binary or memory: http://amsul.ca
Source: chromecache_147.5.dr	String found in binary or memory: http://amsul.github.io/pickadate.js
Source: chromecache_147.5.dr	String found in binary or memory: http://amsul.github.io/pickadate.js/date.htm
Source: chromecache_152.5.dr	String found in binary or memory: http://api.jqueryui.com/category/ui-core/
Source: chromecache_185.5.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_185.5.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_152.5.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_152.5.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_184.5.dr, chromecache_137.5.dr	String found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_136.5.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_194.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.cachegroup-nerve.min.js
Source: chromecache_196.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.1ds.323a60b.js.ma
Source: chromecache_153.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.638.3250f1d.js.ma
Source: chromecache_155.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.cvheadertheme.ce2
Source: chromecache_183.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.cvtitlerender.65b
Source: chromecache_144.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.postsubmit.b7eca1
Source: chromecache_168.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.quiz.6dc4e0a.js.m
Source: chromecache_156.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.utel.c1af5df.js.m
Source: chromecache_138.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.chunk.vendors.e0d6b00.j
Source: chromecache_152.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/response-page-pro.min.js.map/72d2a4ad6536
Source: chromecache_139.5.dr	String found in binary or memory: https://artifacts.dev.azure.com/office/_apis/symbol/symsrv/telemetry-worker.1.js.map/2fc1de80443abf8
Source: chromecache_148.5.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Source: chromecache_182.5.dr, chromecache_131.5.dr	String found in binary or memory: https://cloudflare-ipfs.com/ipfs/QmaqMWSMmFwW7SbsXKqBSuobdX9g61JdEcrDRf9KbxvBqq
Source: chromecache_164.5.dr, chromecache_145.5.dr	String found in binary or memory: https://developers.cloudflare.com/r2/data-access/public-buckets/
Source: chromecache_197.5.dr	String found in binary or memory: https://eu.starton-ipfs.com/ipfs//bafkreidhqdgl5cgzjqzdijv6tmxqccqaq4pmlus7mcvueg776fkhl7d6l4
Source: chromecache_161.5.dr	String found in binary or memory: https://eu.starton-ipfs.com/ipfs//bafkreihlmuj4dgrrfefwbk5jt5vcn5se5l536iv6ajk2twitojueluhote
Source: chromecache_136.5.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: chromecache_182.5.dr, chromecache_131.5.dr	String found in binary or memory: https://gcv.microsoft.us/wf1HuXWFXi
Source: chromecache_163.5.dr	String found in binary or memory: https://getbootstrap.com)
Source: chromecache_174.5.dr, chromecache_190.5.dr, chromecache_171.5.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_171.5.dr	String found in binary or memory: https://getbootstrap.com/docs/3.4/customize/)
Source: chromecache_147.5.dr	String found in binary or memory: https://github.com/SoapBox/linkifyjs
Source: chromecache_174.5.dr, chromecache_190.5.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_171.5.dr, chromecache_163.5.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_190.5.dr, chromecache_163.5.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_153.5.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_153.5.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_153.5.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_131.5.dr	String found in binary or memory: https://lists.gcc.osi.office365.us/Images/f8c813f9-acbb-4b18-bb10-10729643538d/1b5da865-0b25-4d96-82
Source: chromecache_182.5.dr, chromecache_131.5.dr	String found in binary or memory: https://pub-5160c1d91f874d45bcbd93d5b72aeffe.r2.dev/20240320.html
Source: chromecache_152.5.dr	String found in binary or memory: https://raw.githubusercontent.com/stefanpenner/es6-promise/master/LICENSE
Source: chromecache_136.5.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: chromecache_153.5.dr	String found in binary or memory: https://sizzlejs.com/
Source: chromecache_136.5.dr	String found in binary or memory: https://underscorejs.org
Source: chromecache_164.5.dr, chromecache_145.5.dr	String found in binary or memory: https://www.cloudflare.com/favicon.ico

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.221.242.90:443 -> 192.168.2.9:49717 version: TLS 1.2

Source: classification engine

Classification label: mal72.phis.win@23/126@46/21

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5876 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5876 --field-trial-handle=2000,i,9361532219045808421,9752647502903416410,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.3.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: chromecache_171.5.dr

Binary or memory string: '}.ms-Icon--ConnectVirtualMachine::before{content:'

ID:	1415993
Product:	CloudBasic
Start time:	18:04:23
Start date:	26.03.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Boot Survival

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://url.us.m.mimecastprotect.com/s/kyINCpYnk3FnPVPtPeQKH?domain=gcv.microsoft.us