Windows Analysis Report
https://aka.ms/vmsettings

Overview

General Information

Sample URL:	https://aka.ms/vmsettings
Analysis ID:	1427028
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

HTML title does not match URL

Classification

Signatures

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true

HTTP Parser: Title: Sign in to your account does not match URL

HTTP Parser: <input type="password" .../> found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49768 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /vmsettings HTTP/1.1Host: aka.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l2bvdjfwt697xziuhxpwsg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: aka.ms

Source: chromecache_163.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_163.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_113.2.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_102.2.dr	String found in binary or memory: https://account.live.com/resetpassword.aspx
Source: chromecache_136.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/ac
Source: chromecache_148.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/co
Source: chromecache_148.2.dr, chromecache_136.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/re
Source: chromecache_136.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Acc
Source: chromecache_113.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_88.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_109.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: chromecache_150.2.dr	String found in binary or memory: https://login.microsoftonline.com/common
Source: chromecache_109.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/discovery/v2.0/keys
Source: chromecache_109.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/oauth2/v2.0/token
Source: chromecache_135.2.dr, chromecache_106.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Source: chromecache_88.2.dr	String found in binary or memory: https://login.windows-ppe.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49768 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@18/135@20/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aka.ms/vmsettings"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.246.41	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.54.202.151	aka.ms	United States	16625	AKAMAI-ASUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
13.107.213.41	part-0013.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
64.233.176.147	www.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.17
192.168.2.4

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.214.172	true
part-0013.t-0009.t-msedge.net	13.107.213.41	true
cs1100.wpc.omegacdn.net	152.199.4.44	true
www.google.com	64.233.176.147	true
aka.ms	23.54.202.151	true
passwordreset.microsoftonline.com	unknown	unknown
identity.nel.measure.office.net	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
login.microsoftonline.com	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://aka.ms/vmsettings	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with very long lines (8146), with no line terminators	202BF499BAE77412168664460B89A331	FC41889957A285DF00244F14750103F056ECA4F0	ABDAC73B6496F9E7254DD20BB733ED86A994A37FFABA5E2F97C1E65EFF1042A0
Chrome Cache Entry: 101	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 102	HTML document, Unicode text, UTF-8 text, with very long lines (1049), with CRLF line terminators	2EE85E8C47812013259476850F477DCB	CA70CF4094560E956295CACBD8298417C1DFF21D	CEE26D36B6BC6FBAAE6EB5B0F1E92B98182723ABF2F01BA1C4F948DDEB0F738E
Chrome Cache Entry: 103	ASCII text, with very long lines (1361), with no line terminators	DA7D1332261ED88721D7789EE34885D3	A6B91D159EC5C404F79AF56E64A01ABFED9D57FD	7713532B0C7B81C429E48992ABAB91D90EB7526237D6A27D8E97FCC7606CD27A
Chrome Cache Entry: 104	ASCII text	E813C8BC30E8C5618381FC6F81C09025	A8F7678DC6B0C862596465F47728287C9FF08408	9F1FE0893AA7ADDED0C421DF785DE2C55EBABC53525CDE44A1DC50BCA5B4C05A
Chrome Cache Entry: 105	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592	4761405717E938D7E7400BB15715DB1E	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
Chrome Cache Entry: 106	JSON data	9FCE93410EB828E0EDF41D3F021D93E2	1584BC813F34E9B7356C6BD05CB2A14EC52E1590	F463580C98FD336D4E69E7DCA36CF345A81A5E402F61D9F870EAE9D8C4E59DE9
Chrome Cache Entry: 107	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 108	ASCII text, with CRLF line terminators	A17520454D4A65A399B863B5CC46D3FC	0A02C72D7AFCD5198C590108E7F2302A1F75544D	62E5E7DC19D018BEDB24E2C89ED41271B9D94A6DDE3359CC9CABBC315385C0E5
Chrome Cache Entry: 109	JSON data	3E2129EC7EE0D22D5874D661893921C0	E6B20A5603F8B9292D46E2A74E32D1DDC6229196	C45868384DFD77121A6D62BA32304628C211FDC6D471CB985348D731890B6E96
Chrome Cache Entry: 110	ASCII text, with very long lines (61363)	90DB4147268D4ADA93C2E4262E31B22F	65EDC883B272E529A476FF5507A79A36EC0086CD	8387E32FA9AEFE45EF07EE36E4C864B08806AEB1B77D142E16C65306576854F8
Chrome Cache Entry: 111	PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced	36AFB641BECFAD75FED5F4E6E8C39268	2495652F017B7A06D796AFE9C4A06ECD54F9CCFE	5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
Chrome Cache Entry: 112	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 444227	0868DA2DD5EFFED92904047439E49D48	D760173E5E6B25461B0D2A0B32D384FE659B2338	8C41E973CB5EE0194EBF3BAA0716EEEB57EED53552F042E200190E3C37F08CFD
Chrome Cache Entry: 113	ASCII text, with very long lines (65371)	225FDAB89A168A34ABD01851EAE49EC5	941ED4A82A2D7A09D857E7B7A0638C1C8C2CA945	09106D352497D72FD30CD52967D640304B7AE2C3F2CF5318F0B0EE2116F08D99
Chrome Cache Entry: 114	ASCII text	497FC804084107633A4BA83459342368	1A26C659CCA7B4EED6E67FA550832FBF25E540F6	14982788E902966B036D895893BB3C6D3F7080694B8AD435F0A7F0FCD9F1B2BE
Chrome Cache Entry: 115	ASCII text, with very long lines (65291)	C6233F019B1CA240C5483CF201876279	5DA690274C798A758F74A10DB090179597EB3063	747EA5A0D4A9AE62B42829E0F769FAE808F5EA8C37B1651431C7C206D081F36E
Chrome Cache Entry: 116	PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced	C651D60A08FF0F579E2EB9BE6043A3C6	E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55	7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
Chrome Cache Entry: 117	ASCII text, with CRLF line terminators	A870B45AC5D6B0D4E18C4829C7B660B4	2D3CA0E1F19EFDEB9B2DD3DCFFB17F8ABA118AA0	144524233F795D6A425B76F7AE5C0BB622B5F67E2E6AE73532AD526528CA07CF
Chrome Cache Entry: 118	PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced	D4FFE61373F6AA32EEB8CA7CD41AB980	4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674	D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
Chrome Cache Entry: 119	ASCII text, with no line terminators	06B313E93DD76909460FBFC0CD98CB6B	C4F9B2BBD840A4328F85F54873C434336A193888	B4532478707B495D0BB1C21C314AEF959DD1A5E0F66E52DAD5FC332C8B697CBA
Chrome Cache Entry: 120	MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel	877784A5F5808CEFA2B61E73BFCF8EAE	6A0E7EDA2734D7BBBA3CE38D37B347DF001B1DBF	BE7F0632337BC381D4962125545A5CC3C1E84E2D03DBDB97AB3D79AD78B91B6D
Chrome Cache Entry: 121	ASCII text, with CRLF line terminators	B3D7A123BE5203A1A3F0F10233ED373F	F4C61F321D8F79A805B356C6EC94090C0D96215C	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
Chrome Cache Entry: 122	ASCII text, with CRLF line terminators	11FE4E6509513DB245F1F97E37C5D3AB	05322C35B6BFAE84CE8C626BD7B1F8C4A6F15A6D	78D437B40A85299F96ED9D02E35F23FD3D3EF63D844D8D2523A15516F7E1D09C
Chrome Cache Entry: 123	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592	4761405717E938D7E7400BB15715DB1E	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
Chrome Cache Entry: 124	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 125	ASCII text, with very long lines (39257), with CRLF line terminators	DA9DC1C32E89C02FC1E9EEB7E5AAB91E	3EFB110EFA6068CE6B586A67F87DA5125310BC30	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
Chrome Cache Entry: 126	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 127	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced	8DC34013E911C5F68FC2BCA0400CB06F	16BAFA91AF100D65C4945F04E0C6E1643B98CF00	795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
Chrome Cache Entry: 128	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 223759	799F880143F17E47C4EFDBB3FF35A54C	8CECC74EB422322F78EDE1111F175A28725CCA9F	EA70CC2977F4DEB5236041A7A0628FA671FB8AD20A5E9E3FD6885A11359EF2FE
Chrome Cache Entry: 129	PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced	D4FFE61373F6AA32EEB8CA7CD41AB980	4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674	D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
Chrome Cache Entry: 130	ASCII text, with very long lines (32044), with escape sequences	AD58638ECA677AB0314B116D3194F27A	66BF0499C3488B461ABD9C0ED62F8EC71A9594EA	4A8DF52B71E0FC738DA41E818F6B0E5E9D8FC116B65B56D017A237245B4383FA
Chrome Cache Entry: 131	ASCII text, with very long lines (32003)	4D67885F1B4E62EB8854011C1965C951	800369823C6E66E576464C51A74C658EF5399DB4	4D34FFB2BF8D2DF2EB7FFDDFD7DFFF419D601E21C4618F5A95CFF47FA0C21AC8
Chrome Cache Entry: 132	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 133	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 134	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 135	JSON data	9FCE93410EB828E0EDF41D3F021D93E2	1584BC813F34E9B7356C6BD05CB2A14EC52E1590	F463580C98FD336D4E69E7DCA36CF345A81A5E402F61D9F870EAE9D8C4E59DE9
Chrome Cache Entry: 136	ASCII text	FEFF24EBCB6B9ECDDBE4EE081CEB9E3F	1CBCBA2D7B11FBC8CEB1DB77C2E494ABF04702E9	A87D538EAFF9800A888EC6FD3138C08655CFECB4EBA2965F4B0EBACD751DEA8A
Chrome Cache Entry: 137	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	ACA0F1B02DC406E76DDC5F2BDEBEC6CE	594C930BE86B8843377565E349D2A10F1755A13A	0446C6FD9AEB7DCD7CC089FA25323B1AE9AFA77B4CF8D4449F7D2D1B2467393A
Chrome Cache Entry: 138	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 139	ASCII text, with no line terminators	D1690731F22021E1466FBCD0DB6326EF	78F95BA0B7F82BBB7067000242DE860594ABD9C3	490216DF4F089BB5C249BCF4034D0671254CA4236EC3ECA935AAC4B17E0FC7F3
Chrome Cache Entry: 140	Unicode text, UTF-8 (with BOM) text	BA4EF2A284E81C8E650D7D24836DE151	D3CFCADAB80139821DC9937966D050BC363EDF88	8F13BC76D4DAD1F7AF06BF4B128B6722CC28102DF885CC8C82995F45FA2699CE
Chrome Cache Entry: 141	ASCII text	DB380967AB8D1C2F67A4ABB023F77F9A	55B1700ACF99074CD3214F06CD6C137508AA3550	A10DB5EB3C5E26FAAFE61C5DCCFE95A6A26C21C057C35733C819CB94FEA60B4C
Chrome Cache Entry: 142	ASCII text, with CRLF line terminators	DBFAC7887A157C9B73DC42927FC15B74	435FD188BF66F0207EEB298DD13228D17D36E4D1	FC66E3943BC6EDC7B1F79D952D31DABCBA3BD576190DEEB9A7518CEE6B75C5A1
Chrome Cache Entry: 143	GIF image data, version 89a, 22 x 22	309B41EE7A44BD51E5D1B52CCC620E5B	B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08	F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
Chrome Cache Entry: 144	MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	2B4509D8A869917BBC5CE10982956619	DC21BD40ED9B873779F855026F253BDD3322723D	397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822
Chrome Cache Entry: 145	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 146	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55071	978A6C1AA934E5B1C5320D515FD25662	64636EF3E1AD607F095DBA6CB01447AC133B483D	D1963B1837F4087E988FD18BB4CF25B38D61D675C4B6A6FC01158BD39945F10A
Chrome Cache Entry: 147	GIF image data, version 89a, 22 x 22	309B41EE7A44BD51E5D1B52CCC620E5B	B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08	F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
Chrome Cache Entry: 148	ASCII text	BDEF8D572912B56F73D617F662C56FC6	73E9ACD753C1FD8946484E9A7D2A50083992543B	74D1BBC799DAA1175D0EB25D2DC8BD7305D4BA79D535A9CE68883392FF5A1A95
Chrome Cache Entry: 149	GIF image data, version 89a, 24 x 24	93DE6FB07C1382459E473381DA5D0E7E	4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A	E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
Chrome Cache Entry: 150	HTML document, ASCII text, with CRLF line terminators	19759EBDB2B2112C98FC35E1D8A7A04C	AD5E4DE4BFBE2916C415AF62D12DA4B511EFF04D	2957AABA716D164317011B321ECEBD2ECECA1A68C07AA097EDC830AA2D68DDBE
Chrome Cache Entry: 151	ASCII text, with very long lines (65447)	8FB8FEE4FCC3CC86FF6C724154C49C42	B82D238D4E31FDF618BAE8AC11A6C812C03DD0D4	FF1523FB7389539C84C65ABA19260648793BB4F5E29329D2EE8804BC37A3FE6E
Chrome Cache Entry: 152	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 153	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 154	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 155	JSON data	3E2129EC7EE0D22D5874D661893921C0	E6B20A5603F8B9292D46E2A74E32D1DDC6229196	C45868384DFD77121A6D62BA32304628C211FDC6D471CB985348D731890B6E96
Chrome Cache Entry: 156	ASCII text, with CRLF line terminators	90EA7274F19755002360945D54C2A0D7	647B5D8BF7D119A2C97895363A07A0C6EB8CD284	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
Chrome Cache Entry: 157	MS Windows icon resource - 8 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	2B4509D8A869917BBC5CE10982956619	DC21BD40ED9B873779F855026F253BDD3322723D	397EDDF44E1BF7E557B0B4F5173DA95D8FD832B6F2F10D6E41C17DC539D5A822
Chrome Cache Entry: 158	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113084	92A840DC3D177339DAE03FEDF22A22B5	C1C9A6E6442388D07A9D9D72C12DA25094D6920F	4A986BA8875F22A0EABC356112A6790F90E114ADB72EAEC4632E03812EC1EDE4
Chrome Cache Entry: 159	ASCII text, with very long lines (65291)	7729CA22266062FAD76102797EBB4CF5	9C3014D32B6867B42AB4930C39FC035D132C22E6	9496EA29BF4941907CCDF6E5D152CEB1505A6801D5DEEF1BC51F1DEABC3016FA
Chrome Cache Entry: 160	GIF image data, version 89a, 24 x 24	93DE6FB07C1382459E473381DA5D0E7E	4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A	E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
Chrome Cache Entry: 161	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113657	57911010756C90D58754C91EF1EE2765	BAA48FEF4866D7DAFD9F59417745EE838F0E63CA	87C5385BA17F84CC25FB7BBE1EDB4169BC702842BD74B758ACDC130986D55BC2
Chrome Cache Entry: 162	PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced	36AFB641BECFAD75FED5F4E6E8C39268	2495652F017B7A06D796AFE9C4A06ECD54F9CCFE	5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
Chrome Cache Entry: 163	ASCII text, with very long lines (28900)	4083F5D376EB849A458CC790B53BA080	FB5B49426DEE7F1508500E698D1B3C6B04C8FCCE	008A1D103902F15FDB1C191FCB1CE8954330E7B8DE43D09ABB08555BA609F420
Chrome Cache Entry: 87	ASCII text, with very long lines (65329), with CRLF line terminators	C89EAA5B28DF1E17376BE71D71649173	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
Chrome Cache Entry: 88	HTML document, ASCII text, with very long lines (2345), with CRLF line terminators	E86EF8B6111E5FB1D1665BCDC90888C9	994BF7651CB967CD9053056AF2D69ACB74DB7F29	3410242720DE50B090D07A23AEE2DAD879B31D36F2615732962EC4CFA8A9D458
Chrome Cache Entry: 89	HTML document, Unicode text, UTF-8 text, with very long lines (941), with CRLF line terminators	929B21F108C4F46AE8E5588258652D94	A4FD35F93DC186DED41CB3EFEBE8EC8A82EA54BF	1F605F99E25FF7BAC8D672C6A0C12AF2E49357D7F0F88A8BDDEAEFA2852F7513
Chrome Cache Entry: 90	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 91	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8EDFCD3F7A179CFF6B123DFF50F29770	7A2D9BB4B9F6072AB3049E6421021A5BA0A3DADF	D0B747C7F7414A08B0D5107832B2F4BB44A9BB4A3AAD28390F58EDE8BBEA6AE1
Chrome Cache Entry: 92	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced	8DC34013E911C5F68FC2BCA0400CB06F	16BAFA91AF100D65C4945F04E0C6E1643B98CF00	795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
Chrome Cache Entry: 93	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 94	MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel	877784A5F5808CEFA2B61E73BFCF8EAE	6A0E7EDA2734D7BBBA3CE38D37B347DF001B1DBF	BE7F0632337BC381D4962125545A5CC3C1E84E2D03DBDB97AB3D79AD78B91B6D
Chrome Cache Entry: 95	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 141320	97A274B38A866C3FEFFF29003D3511D1	0752DA49A4F7E374C76D0573AFD9CD1A074FBF00	6B1FF2587733BD9F44BC787C319AF8C23D01C14ED633DC8CB6F5DF55B5178E9B
Chrome Cache Entry: 96	Unicode text, UTF-8 text, with very long lines (65500)	E2909004AFA27151ECB0BC3D8B1826CA	E5B99D9420DF3DF077A30137F8DB40B7B409E762	82BA8DDBC334A2D4E0E79DF929EF3A7B1C9F96F2BCADC5A0268ACE6FF3673E2E
Chrome Cache Entry: 97	PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced	C651D60A08FF0F579E2EB9BE6043A3C6	E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55	7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
Chrome Cache Entry: 98	ASCII text, with very long lines (65536), with no line terminators	6C888978509757A1A621EF9B66110414	E0BB31F29DC3E14A424310DE42DE292ED7A34C18	E519D6A70F06DDF011B55FCFD0AB32AC0391D2A3CF0678BB5DB9A4EEDD164818
Chrome Cache Entry: 99	ASCII text	06FC2E5D62FD8C68ED435F0544EBCFC7	D0D36207D64387AF8145749901B47D7D230FA12B	2FBEB24A28504251C4A1B6064FAA783FD6036B4908397B957526C16DE2DF6F49

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0

HTML title does not match URL

HTTP Parser: Title: Sign in to your account does not match URL

HTTP Parser: <input type="password" .../> found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=e1f7a25e-4159-4245-938f-8d1515b64998&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fdialin.teams.microsoft.com%2Fusp&client-request-id=902ba2b9-7be9-4899-ab31-1e726ff49dac&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.14.1&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=BOWP_prUUMODE2ivwnYWTrw58N4SCN2Qf8LCw2QLnBU&code_challenge_method=S256&nonce=911b8969-077a-4090-b31e-6b31a841862d&state=eyJpZCI6IjA2MmY4MTgzLWJiZjQtNDVhNy1iZTY1LWFjNGViZGNlMmJkZSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAjZG7btNQAEDtpA1ppLYBJNSFKkNVIYIdX8dO7Egd0jYPp0nclua5VHZyHd_EznV9XaKEiY0F0Y2HxNKxMFRVB0BCYmLIFDHx2JHogBBi6MBA-AOWs59zQgGeBQILbvt5lkutQGAkNV6EjABEmRF4QWTkuGQwUhuIQNQTgixL7rVQ-M1x9Oj7_Wf5l2DZxb9fvDqhV03Pc0gqFmsjzUJ91oOaTVgbtVxMsOGxLWzHDonzmqYnNH3iW5EB0CU5ITNcMqkxAidzjB4HkElMqUkCkBJ8-4tvUU0feib_D9hFI_jLFzRcrWPDvvfc78BhwWluKAmlm-ZLdkMo7XVGxVoBNbs7XnmzapaHADX3GqBYy3bLuSpq5spWyS70mncVotjAaucySO0TpNVErlkvmI34rqPzYgXW1y2li1HLrva0esFqxHeQUefWzvyBqYaN-2P_TezAPmpHHBcbyIIRbBhTa7ivtVqQkE9-ejJDX8zcCPrCC0t0hLq1yvlTwWAoTC1REepyhj6enVa8-iB6_mF-ufzo3dnXxx_nqPFsLM2rqtJcb8tJVDvgepDI1WKtyEMzN8i4OLmlWpLXjWL1QOysySlwFKCPAtfHgUWbaBbbJazu4gGB7s8A_fAK9XbuP688DdEnoehBCQ7iIysvc7rD665cLmWqjXv7FdIx1V6cye4Oc71saUDQRuY0RL-fpy4XPk_O_3wbP_mRv1i8U_GIrQ82K0Mza-qxXAcWR842bkXrFa-A00p_Z5AXt_c2tordzNppmPoL0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49768 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 23.201.212.130
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /vmsettings HTTP/1.1Host: aka.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_3b4rnVNi70Sso4_c42_ImQ2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l2bvdjfwt697xziuhxpwsg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown

DNS traffic detected: queries for: aka.ms

Source: chromecache_163.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_163.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_113.2.dr	String found in binary or memory: http://getbootstrap.com)
Source: chromecache_102.2.dr	String found in binary or memory: https://account.live.com/resetpassword.aspx
Source: chromecache_136.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/ac
Source: chromecache_148.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/co
Source: chromecache_148.2.dr, chromecache_136.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/re
Source: chromecache_136.2.dr	String found in binary or memory: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/docs/Acc
Source: chromecache_113.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_88.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_109.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: chromecache_150.2.dr	String found in binary or memory: https://login.microsoftonline.com/common
Source: chromecache_109.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/discovery/v2.0/keys
Source: chromecache_109.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/oauth2/v2.0/token
Source: chromecache_135.2.dr, chromecache_106.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Source: chromecache_88.2.dr	String found in binary or memory: https://login.windows-ppe.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.201.212.130:443 -> 192.168.2.4:49768 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@18/135@20/7

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://aka.ms/vmsettings"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1988,i,9110740969243465056,422628057034115576,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1427028
Product:	CloudBasic
Start time:	22:46:22
Start date:	16.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://aka.ms/vmsettings

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://aka.ms/vmsettings

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://aka.ms/vmsettings