Windows Analysis Report
https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a

Overview

General Information

Sample URL:	https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a
Analysis ID:	1428963
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Found iframes

HTML body contains low number of good links

Classification

Signatures

Found iframes

Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B

HTML body contains low number of good links

Source: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	HTTP Parser: Number of links: 0
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Number of links: 1

Source: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	HTTP Parser: No <meta name="author".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="author".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="author".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="author".. found

Source: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	HTTP Parser: No <meta name="copyright".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="copyright".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="copyright".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49746 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a HTTP/1.1Host: mail-cloudstation-us-west-2.prod.hydra.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a/allowBlockConfirm HTTP/1.1Host: mail-cloudstation-us-west-2.prod.hydra.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=4BC5D059A6EF6310BADB5E0FCD34662A; SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/success-icon.png HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/success-icon.png HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /mail/manage/self-service HTTP/1.1Host: mail-cloudstation-us-west-2.prod.hydra.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=0C837F07464D45E4DA5064AD02D7EAF2; SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /manage/self-service HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /idp/authenticate?backtrack=/manage/self-service HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: redirect_to=
Source: global traffic	HTTP traffic detected: GET /assets/loginwithb2c.js HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-serviceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: redirect_to=; SESSION=OTgyNTRjZWEtZjVlNC00YmQ0LTlmY2UtNTZhNzNjM2VlY2Fj
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/fonts/Inter-Regular.woff2 HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.sophos.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/enter-email.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/sophos-logo.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/email-ui.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.sophos.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/favicon.ico HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/jquery.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/include-footer.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/localize-footer.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/enter-email.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/user-agent.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/sophos-logo.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/reload.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/favicon.ico HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js?did=2e456f46-6b86-42c8-be0a-01efd4471533 HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/footer.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/html, /; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/localize/en.json HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/claim-elements.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/welcome-animation.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/footer.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/icon-email.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/localize/en.json HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/footer.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/icon-email.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/018ee767-7431-780c-bf78-4b67b48c194b/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/v2/otPcTab.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/018ee767-7431-780c-bf78-4b67b48c194b/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/sophos-logo-blue-rgb_(1).png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/v2/otPcTab.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/sophos-logo-blue-rgb_(1).png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_124.2.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=Kz("fsl",g?"nv.mwt":"mwt",0),p;p=g?Kz("fsl","nv.ids",[]):Kz("fsl","ids",[]);if(!p.length)return!0;var q=Gz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!rI(q, equals www.facebook.com (Facebook)
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: return b}vC.H="internal.enableAutoEventOnTimer";var dc=ia(["data-gtm-yt-inspected-"]),xC=["www.youtube.com","www.youtube-nocookie.com"],yC,zC=!1; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: mail-cloudstation-us-west-2.prod.hydra.sophos.com

Source: chromecache_124.2.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_124.2.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: chromecache_94.2.dr, chromecache_91.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/favicon.ico
Source: chromecache_91.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/logo
Source: chromecache_94.2.dr, chromecache_91.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/logo.png
Source: chromecache_94.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/success-icon
Source: chromecache_94.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/success-icon.png
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.css
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.eot?#iefi
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.eot?#ief
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.svg#flamabasic
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/inter-regular.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/inter-regular.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/inter-regular.svg#font
Source: chromecache_106.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/html/footer.html
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/favicon.ico
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/icon-email.svg
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/icon-password.svg
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/sophos-logo.svg
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/de.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/en.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/es.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/fr.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/it.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/ja.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/ko.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/pt.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/zh-hant.json
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/include-footer.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/jquery.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/localize-footer.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/reload.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/user-agent.js
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: chromecache_124.2.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: chromecache_124.2.dr	String found in binary or memory: https://google.com
Source: chromecache_124.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup&client_id=cb303009-a
Source: chromecache_120.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_120.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_120.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_120.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_124.2.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B
Source: chromecache_120.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_124.2.dr	String found in binary or memory: https://www.redditstatic.com/ads/pixel.js
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal.aspx
Source: chromecache_110.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal/cookie-information
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal/cookie-information.aspx
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/products/sophos-central.aspx

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49746 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@20/97@40/9

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1880,i,9304512019144231151,15516723976325891686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1880,i,9304512019144231151,15516723976325891686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
54.154.82.165	cloud.sophos.com	United States	16509	AMAZON-02US	false
142.250.9.104	www.google.com	United States	15169	GOOGLEUS	false
54.171.140.60	unknown	United States	16509	AMAZON-02US	false
54.187.126.227	mail-spinnaker-1148880338.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
104.19.178.52	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
18.64.156.27	d2y1fnwu0z0lk0.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
172.64.155.119	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
mail-spinnaker-1148880338.us-west-2.elb.amazonaws.com	54.187.126.227	true
cloud.sophos.com	54.154.82.165	true
www.google.com	142.250.9.104	true
d2y1fnwu0z0lk0.cloudfront.net	18.64.156.27	true
cdn.cookielaw.org	104.19.178.52	true
geolocation.onetrust.com	172.64.155.119	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
mail-cloudstation-us-west-2.prod.hydra.sophos.com	unknown	unknown
s.go-mpulse.net	unknown	unknown
www.sophos.com	unknown	unknown
cloud-assets.sophos.com	unknown	unknown
dc.services.visualstudio.com	unknown	unknown
c.go-mpulse.net	unknown	unknown
login.sophos.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/manage/self-service	false	high
https://cloud.sophos.com/assets/loginwithb2c.js	false	high
https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a	false	high
https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	false	high
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/v2/otPcTab.json	false	high
about:blank	false	low
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/welcome-animation.css	false	high
https://cdn.cookielaw.org/scripttemplates/202311.1.0/assets/otFlat.json	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.woff2	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/icon-email.svg	false	high
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/html/footer.html	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/en.json	false	high
https://cloud.sophos.com/assets/favicon.ico	false	high
https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	false	high
https://cloud.sophos.com/assets/success-icon.png	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/html/enter-email.html	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/sophos-logo.svg	false	high
https://cdn.cookielaw.org/scripttemplates/202311.1.0/otBannerSdk.js	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/include-footer.js	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/localize-footer.js	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/user-agent.js	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/favicon.ico	false	high
https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/018ee767-7431-780c-bf78-4b67b48c194b/en.json	false	high
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=2e456f46-6b86-42c8-be0a-01efd4471533	false	high
https://cdn.cookielaw.org/consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json	false	high
https://cloud.sophos.com/manage/self-service	false	high
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location	false	high
https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/footer.css	false	high
https://cloud.sophos.com/assets/logo.png	false	high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text	848C2C7AAB8FEE97355D524339D8E45A	FD5F1A39C575A127577B6CA64BD6010A4C33DEDE	40255F5D38B31B2EB0DDAC892A4ADFDB6670745B005738914F7CD36F3A54C26B
Chrome Cache Entry: 101	SVG Scalable Vector Graphics image	55CA11EE6B441DDE05CF1219E1CCA259	EE382917D260A2D2980A393BCA6CB5B71DF4BA70	112D161523AB8A3D0E753CFA9F3A119C37DCB9518C432736F553536637F5DE2B
Chrome Cache Entry: 102	ASCII text, with no line terminators	E1B85DF275113DFC425A6F5381722152	441097AE5F5B9390CC9C649DFB31FE45502B7AA8	4CF4C74FF2728BB5FD95320B6B09F4604BC601B98A7D877761FEFC0C50FD0AE8
Chrome Cache Entry: 103	JSON data	69A7AA720A14F891F699ADAFD46867BF	BB3C49577C1B4AD6E74A1E576A121651E4D88A8E	858627F0520671360AEAB506B6C661F9EDB36BE56D46EA3995E45DD9AD453C68
Chrome Cache Entry: 104	JSON data	980C16696A6C7FB6C8242B74F5EDF52A	872854FDCD64A81655D447293D1E96AD0AD1C0BA	5B719538163FA24625A0742209D09A4481C7589E767D9EA8BCB16008035F681A
Chrome Cache Entry: 105	ASCII text, with very long lines (65254)	6C216960AB2D4F6342D17C748EA91D4D	AD6F96EFC3FCEC1D7515C39D6B344D4B9299C236	552AD8BF18678060B7E770C5E2A9606E1DC9B675485450C82D42BBD10155B94F
Chrome Cache Entry: 106	ASCII text	2D6100B08125ED447769974A40A813E8	8EA483BD350173DA9F359556151EF7795543EFBE	924723EE155691668B05266DA43D8D3F40F52444A5688883C0F8F9D5551F463A
Chrome Cache Entry: 107	JSON data	17D74FCFC797FB09BCA6E83DBB37E2E0	19B87359586DEAF447CC568AA08F055870531E10	5D265DA94B9820F7707B9F8C3E7D367428B43262534EC286942B8614AD3A0610
Chrome Cache Entry: 108	ASCII text, with very long lines (36201), with CRLF, LF line terminators	00A32F75B291702B744B6FE7DE230331	1C9C6FE1DB7C9F88AB0CC32E60C8263AC24E1DA0	97510BD75F19D6A1AD3EEB0B48F7F419DCB066BC41C6203B76D94DF4A98235BC
Chrome Cache Entry: 109	JSON data	79E25ADDED5098E4C6BCCD7C6E695F67	5B5575B59D1B265EDD784E4B7D22D588BC200CA1	5579F796A6FBA4C9CD590F9B95134707355CE47CA2DD8CEA711D2B40964F928D
Chrome Cache Entry: 110	JSON data	4AC27B534BF2325CA5691108348A7C0F	343394DAB0334E499C285BF5522FDA7E43C2BAA9	8E55003BDB6B1C546DA0375C2E54653F6802564E2363F8D9B15CFCA5182E44A6
Chrome Cache Entry: 111	SVG Scalable Vector Graphics image	55CA11EE6B441DDE05CF1219E1CCA259	EE382917D260A2D2980A393BCA6CB5B71DF4BA70	112D161523AB8A3D0E753CFA9F3A119C37DCB9518C432736F553536637F5DE2B
Chrome Cache Entry: 112	MS Windows icon resource - 1 icon, 16x16	E68882B760C3F603DFD1C5A5A85065CF	9017435FCBEC47CAB2E24336F4DAEA5C96AD19AF	590BB01B416F6CFB689B2016D7C291CBB1F0EF5D35327862C3C700204A2843D1
Chrome Cache Entry: 113	JSON data	C9D589BA7445ABE239CF89FB7E69A1A8	B4EE79A0A61E29B0F9FBC51F9C556D0BDCB0EFE0	2BC6A125D698416498CDF5EF60CD959AEF01DB95A6E3E0D74A95F9B6D3D78FEB
Chrome Cache Entry: 114	Web Open Font Format, TrueType, length 142340, version 0.0	5CE3E4DB9634913232403F166B2447DE	E1ED0FEB06835626A35E96BB71FFA06A6802A09B	68D52E74E8171DDB2C94CA60A2596DC8A46407320449881FD09369DBC317624C
Chrome Cache Entry: 115	PNG image data, 821 x 137, 8-bit/color RGBA, non-interlaced	776532C2A804F14979D901C210CE6EE7	40FD6AF3CCE3EDDC123EF711518D521089D52F02	4DEF6D9AD0B93FA285D5783527CAB94B9B8040B650AFBC808ED69E2ACE347BB4
Chrome Cache Entry: 116	JSON data	4D4429A2DFAA8A27FBE9659E8E717F74	28AD4885FF33594FA46ECED61BD42874926AA17C	EA5DB5581E262D77D1A43FBB3F0FA3661B51D097B40CA38F584B4943F47CF2E0
Chrome Cache Entry: 117	assembler source, ASCII text	8E534923429C32129307DA74827500BD	EBF2E4A4C9024D1AC8C3792DB8DB6EE9914DAAF3	EF20DF26204E6168A637458FF4D3782F3CD42F0207309B46B9C130F728BD83D0
Chrome Cache Entry: 118	SVG Scalable Vector Graphics image	B57C99C9D1E3C50B2114C6DB053D7FF0	ADA8ABFED92BA8A545BBD9D299D74D5972CC4AE8	691DCDB24853A0F5CE4E6597E5713DEA66799B57FFE2C2A10F28F98E0B569B19
Chrome Cache Entry: 119	Web Open Font Format, TrueType, length 133856, version 0.0	14D1275C67676CC5D911232D0C890D97	B5541B2654EEEFFB8E709CFE141A75644E53E9BA	3710E2CE073EC0EB39274DECC63768B52091A27E35F5C28D6ABB7A5FCEF0B7FC
Chrome Cache Entry: 120	ASCII text, with very long lines (5955)	4B278863D02BDFC4403B80E1AD31ADE1	350F5ADBDA01507F410B421D3DDAC7B00B68E5BA	2AAA549E7CA5E1E735CB146EAAB73C0BF252BD13054BCA382E5173EFC4AB51B7
Chrome Cache Entry: 121	SVG Scalable Vector Graphics image	B57C99C9D1E3C50B2114C6DB053D7FF0	ADA8ABFED92BA8A545BBD9D299D74D5972CC4AE8	691DCDB24853A0F5CE4E6597E5713DEA66799B57FFE2C2A10F28F98E0B569B19
Chrome Cache Entry: 122	PNG image data, 821 x 137, 8-bit/color RGBA, non-interlaced	776532C2A804F14979D901C210CE6EE7	40FD6AF3CCE3EDDC123EF711518D521089D52F02	4DEF6D9AD0B93FA285D5783527CAB94B9B8040B650AFBC808ED69E2ACE347BB4
Chrome Cache Entry: 123	ASCII text	E01B3596527E9EC6EF0C7732592412E7	449EACB14BF554E9762CFC64288D94A86873E3DB	AD8423ACBCC35731728911499EA16AD1FCC2AF2564322676DDC9C790F3CAA7C3
Chrome Cache Entry: 124	Unicode text, UTF-8 text, with very long lines (57048)	D3FB38DC35EDF3DAA6629B4AFFF56E5B	148D10C510B87EC04D08555D65A1104E8FD265E3	1D65B81CDCE6F4C6157C4D4A54E1E13790B2889F844DC1D6809F80F39ADA3109
Chrome Cache Entry: 125	ASCII text, with very long lines (21778), with no line terminators	73BC4067D312180A1B19A4D883F42D6A	AD328A9A572FBEA43F295E7769835FF08F6FF1FD	D3F7B0EC4DE079928A999641E781E80F33597A392A561BC460276DFB4EFB6EEC
Chrome Cache Entry: 69	JSON data	69A7AA720A14F891F699ADAFD46867BF	BB3C49577C1B4AD6E74A1E576A121651E4D88A8E	858627F0520671360AEAB506B6C661F9EDB36BE56D46EA3995E45DD9AD453C68
Chrome Cache Entry: 70	HTML document, Unicode text, UTF-8 text, with very long lines (374)	7929FC310C9A89084233C3F53312E86C	5935BE67882E492F6519199F1C0BE4B6CC57F167	6680FB36B9E834D3DFC678AC2B6BEE909532F4795951A2058D1764248B2FE57F
Chrome Cache Entry: 71	HTML document, ASCII text	2BF6E8E677DF575FC3F9DF6337FE0C95	CB33D8148EB93436EF3C2A765BEDFE761FB767D3	037E280119146F1C1F865CD13828723C04E7DA74162325A8FDA8FA21E4133E04
Chrome Cache Entry: 72	ASCII text, with no line terminators	B0F41DFDB39537EAD363417D80CFC0A7	93C53BC2B37815BF7574FF54D923979054DE4057	413FA819EBD01D88E44A674D282AB109B747DB63592C57E099706B364D8C2DEB
Chrome Cache Entry: 73	C source, ASCII text, with very long lines (65103)	FA4C76A7FDE62B18054CF7EB8E946012	B20150066A879D2B78DD3D4908F4ACD148EE66F8	09EBD7F407439990AAC227E70DA23E1A819E8E30282928E324370805F480BEC4
Chrome Cache Entry: 74	JSON data	C9D589BA7445ABE239CF89FB7E69A1A8	B4EE79A0A61E29B0F9FBC51F9C556D0BDCB0EFE0	2BC6A125D698416498CDF5EF60CD959AEF01DB95A6E3E0D74A95F9B6D3D78FEB
Chrome Cache Entry: 75	ASCII text, with very long lines (21778), with no line terminators	73BC4067D312180A1B19A4D883F42D6A	AD328A9A572FBEA43F295E7769835FF08F6FF1FD	D3F7B0EC4DE079928A999641E781E80F33597A392A561BC460276DFB4EFB6EEC
Chrome Cache Entry: 76	Web Open Font Format (Version 2), TrueType, length 98804, version 1.0	8070997696B1C91905FECBA458F96640	7B52AC6F38F16EF83EDF01D3BD1C90EE2B29E357	3787E2F283651744E0B93D1FEFB5936C7AF26DB8014C0DEF6651D050C56DD47E
Chrome Cache Entry: 77	HTML document, Unicode text, UTF-8 text, with very long lines (374)	7929FC310C9A89084233C3F53312E86C	5935BE67882E492F6519199F1C0BE4B6CC57F167	6680FB36B9E834D3DFC678AC2B6BEE909532F4795951A2058D1764248B2FE57F
Chrome Cache Entry: 78	ASCII text	32E9DCCFFFE7F095A8DAD17D7995FC2F	C7C0785F61DA7780F6C4221E1BEE4D439333AE6D	E80546B0EDBF879D2B1045D62CD454D6D24E560A74161808B8933F2690BF810C
Chrome Cache Entry: 79	SVG Scalable Vector Graphics image	63E737D3544164D2B7F4FBCA416AC807	030370AA38715E4C41589633F69D0BFE8255D46C	5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
Chrome Cache Entry: 80	JSON data	79E25ADDED5098E4C6BCCD7C6E695F67	5B5575B59D1B265EDD784E4B7D22D588BC200CA1	5579F796A6FBA4C9CD590F9B95134707355CE47CA2DD8CEA711D2B40964F928D
Chrome Cache Entry: 81	JSON data	4D4429A2DFAA8A27FBE9659E8E717F74	28AD4885FF33594FA46ECED61BD42874926AA17C	EA5DB5581E262D77D1A43FBB3F0FA3661B51D097B40CA38F584B4943F47CF2E0
Chrome Cache Entry: 82	MS Windows icon resource - 1 icon, 16x16	E68882B760C3F603DFD1C5A5A85065CF	9017435FCBEC47CAB2E24336F4DAEA5C96AD19AF	590BB01B416F6CFB689B2016D7C291CBB1F0EF5D35327862C3C700204A2843D1
Chrome Cache Entry: 83	SVG Scalable Vector Graphics image	7D146458D9B7A8C4DA7A42D28D6267EE	1D41759C46D747CB437B53369AE4FBF04F8CFDCC	ADC418A2BAE255B9B9FD4EFD55FC11210FBD940201AED3634B3905E99634B484
Chrome Cache Entry: 84	SVG Scalable Vector Graphics image	9CD0033D77DFA55A69696736A8A021BC	D2683B93BE6839C07E401C4EB349D6863A7D7E99	CC3AA36C04DBB2EC7F492EA68667C727486887BA35FCEE62869CA5AFC4D26EAF
Chrome Cache Entry: 85	SVG Scalable Vector Graphics image	63E737D3544164D2B7F4FBCA416AC807	030370AA38715E4C41589633F69D0BFE8255D46C	5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
Chrome Cache Entry: 86	ASCII text, with very long lines (65536), with no line terminators	1DD63DE72CF1F702324245441844BE13	58A8BDCDCB398AF7DB424357DF70DF18E7B30E9D	5201C813C37A4168CC5C20C701D4391FD0A55625F97EB9F263A74FB52B52FD0E
Chrome Cache Entry: 87	ASCII text, with very long lines (21229)	0CD317A7B9C520801230E944F7D50E41	E3985FF0C2E8B1EAACB617C7C5AF5BEBFCBCEDA6	6F08699117C1F15F6D35E7B4380D12D18A1881F075E177B5853B1017A3307544
Chrome Cache Entry: 88	ASCII text	9B06B5451E58B45D0B436D72983503FB	2DD7146CAABBE78E7776AF37A5FF5A54E59424C3	856FD57ABD32242EBD8ACA9008F24702671A4207700A9A4365230B74A16E0344
Chrome Cache Entry: 89	JSON data	17D74FCFC797FB09BCA6E83DBB37E2E0	19B87359586DEAF447CC568AA08F055870531E10	5D265DA94B9820F7707B9F8C3E7D367428B43262534EC286942B8614AD3A0610
Chrome Cache Entry: 90	SVG Scalable Vector Graphics image	9CD0033D77DFA55A69696736A8A021BC	D2683B93BE6839C07E401C4EB349D6863A7D7E99	CC3AA36C04DBB2EC7F492EA68667C727486887BA35FCEE62869CA5AFC4D26EAF
Chrome Cache Entry: 91	HTML document, ASCII text	A0D517EF41B946D8E0B60033D06F287C	CF5EDDF0B8D71F0172351D9929EB3319526A20FC	D108851E907774514E5C8DE4EEA9FEF7479172CC00FE3B02042E4A42EB0AAD70
Chrome Cache Entry: 92	ASCII text, with very long lines (2519)	6EC09CBE7FAFD476FFD1E96575D71A02	4EAADA5B99A1BE4C0408A57D1BDE42E40AFB48CB	58254751DB0F7B5FF46D21F843C41553E4A4BDD96F41CF8541593B0460FD220C
Chrome Cache Entry: 93	JSON data	4AC27B534BF2325CA5691108348A7C0F	343394DAB0334E499C285BF5522FDA7E43C2BAA9	8E55003BDB6B1C546DA0375C2E54653F6802564E2363F8D9B15CFCA5182E44A6
Chrome Cache Entry: 94	HTML document, ASCII text	09708543058C4D8D876C5DF9695FBDCA	3C121D696D9553B50CC36FACC80DE5D6FFE83678	986B48CC464341132B8E060BC689C05B97E0765AD3297D99F65D20065FCE64B1
Chrome Cache Entry: 95	SVG Scalable Vector Graphics image	7D146458D9B7A8C4DA7A42D28D6267EE	1D41759C46D747CB437B53369AE4FBF04F8CFDCC	ADC418A2BAE255B9B9FD4EFD55FC11210FBD940201AED3634B3905E99634B484
Chrome Cache Entry: 96	ASCII text	77B2BD6C47E62F4061AC324008FF1EE5	F986552931B54871267122D59F562059BFE4A3B1	16068F1D1E445DEDA600E853166FD6428207CCC856E3971E1EF9BC6C0C57AC2B
Chrome Cache Entry: 97	HTML document, ASCII text	2BF6E8E677DF575FC3F9DF6337FE0C95	CB33D8148EB93436EF3C2A765BEDFE761FB767D3	037E280119146F1C1F865CD13828723C04E7DA74162325A8FDA8FA21E4133E04
Chrome Cache Entry: 98	ASCII text, with very long lines (65451)	1778C7B999E7D61597F0B0A2D32164F2	0D3EADEAEF144C1C51A4A469048E4D3CF2278446	35B480DF2D3690B7262690598F87598BC6E3AB6303E94911F2C1B77A721D7B49
Chrome Cache Entry: 99	ASCII text, with no line terminators	A3956F4AB89D76145E2D250140623D04	0324FCB18475594011EB63B79B0C430971967662	3503CCF7B1993CB572AE11ED9898EC92D08D771F3E4312928AA3BEF0A8F259AF

Found iframes

Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B

HTML body contains low number of good links

Source: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	HTTP Parser: Number of links: 0
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: Number of links: 1

Source: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	HTTP Parser: No <meta name="author".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="author".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="author".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="author".. found

Source: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service	HTTP Parser: No <meta name="copyright".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="copyright".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="copyright".. found
Source: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup_signin&client_id=a2909672-3668-457e-ba5b-5bbd4508f6e2&redirect_uri=https://cloud.sophos.com/idp/azureb2c&scope=openid&response_type=id_token&prompt=login	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49746 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a HTTP/1.1Host: mail-cloudstation-us-west-2.prod.hydra.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a/allowBlockConfirm HTTP/1.1Host: mail-cloudstation-us-west-2.prod.hydra.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=4BC5D059A6EF6310BADB5E0FCD34662A; SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/success-icon.png HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/logo.png HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /assets/success-icon.png HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /mail/manage/self-service HTTP/1.1Host: mail-cloudstation-us-west-2.prod.hydra.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=0C837F07464D45E4DA5064AD02D7EAF2; SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /manage/self-service HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: SESSION=NWM4OTU4YmItOTlmMC00YTNiLTllZWUtNzA4ZTUwZDQxODUw
Source: global traffic	HTTP traffic detected: GET /idp/authenticate?backtrack=/manage/self-service HTTP/1.1Host: cloud.sophos.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: redirect_to=
Source: global traffic	HTTP traffic detected: GET /assets/loginwithb2c.js HTTP/1.1Host: cloud.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-serviceAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: redirect_to=; SESSION=OTgyNTRjZWEtZjVlNC00YmQ0LTlmY2UtNTZhNzNjM2VlY2Fj
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/fonts/Inter-Regular.woff2 HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.sophos.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/enter-email.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/sophos-logo.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/email-ui.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.sophos.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/favicon.ico HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/jquery.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/include-footer.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/localize-footer.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/enter-email.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/user-agent.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/sophos-logo.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/scripts/reload.js HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/favicon.ico HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js?did=2e456f46-6b86-42c8-be0a-01efd4471533 HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/footer.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: text/html, /; q=0.01sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/localize/en.json HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/claim-elements.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/welcome-animation.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/css/footer.css HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/icon-email.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/localize/en.json HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/html/footer.html HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/2e456f46-6b86-42c8-be0a-01efd4471533.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /2024.18.03.04.17/2188/images/icon-email.svg HTTP/1.1Host: d2y1fnwu0z0lk0.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/018ee767-7431-780c-bf78-4b67b48c194b/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/v2/otPcTab.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/2e456f46-6b86-42c8-be0a-01efd4471533/018ee767-7431-780c-bf78-4b67b48c194b/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otFlat.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://login.sophos.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/sophos-logo-blue-rgb_(1).png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.sophos.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202311.1.0/assets/v2/otPcTab.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/8814ea97-7d41-4933-8a06-f5b8e65f6da8/f3c8d17e-040e-46f5-9c16-27efb793a7a7/8e4641b4-93aa-4176-880e-cb2950b9093e/sophos-logo-blue-rgb_(1).png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_124.2.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=Kz("fsl",g?"nv.mwt":"mwt",0),p;p=g?Kz("fsl","nv.ids",[]):Kz("fsl","ids",[]);if(!p.length)return!0;var q=Gz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!rI(q, equals www.facebook.com (Facebook)
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: return b}vC.H="internal.enableAutoEventOnTimer";var dc=ia(["data-gtm-yt-inspected-"]),xC=["www.youtube.com","www.youtube-nocookie.com"],yC,zC=!1; equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: mail-cloudstation-us-west-2.prod.hydra.sophos.com

Source: chromecache_124.2.dr	String found in binary or memory: https://ad.doubleclick.net
Source: chromecache_124.2.dr	String found in binary or memory: https://ade.googlesyndication.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: chromecache_94.2.dr, chromecache_91.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/favicon.ico
Source: chromecache_91.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/logo
Source: chromecache_94.2.dr, chromecache_91.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/logo.png
Source: chromecache_94.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/success-icon
Source: chromecache_94.2.dr	String found in binary or memory: https://cloud.sophos.com/assets/success-icon.png
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/css/email-ui.css
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/Inter-Regular.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Bold.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-BoldItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Light.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-LightItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Medium.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-MediumItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Regular.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.eot?#iefi
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-RegularItalic.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-Semibold.woff2
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.eot?#ief
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.svg#font
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/SophosSans-SemiboldItalic.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.svg#flamabasic
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.ttf
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/flama-basic-webfont.woff
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/inter-regular.eot
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/inter-regular.eot?#iefix
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/fonts/inter-regular.svg#font
Source: chromecache_106.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/html/footer.html
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/favicon.ico
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/icon-email.svg
Source: chromecache_123.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/icon-password.svg
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/images/sophos-logo.svg
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/de.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/en.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/es.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/fr.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/it.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/ja.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/ko.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/pt.json
Source: chromecache_92.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/localize/zh-hant.json
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/include-footer.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/jquery.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/localize-footer.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/reload.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://d2y1fnwu0z0lk0.cloudfront.net/2024.18.03.04.17/2188/scripts/user-agent.js
Source: chromecache_89.2.dr, chromecache_107.2.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: chromecache_124.2.dr	String found in binary or memory: https://github.com/krux/postscribe/blob/master/LICENSE.
Source: chromecache_124.2.dr	String found in binary or memory: https://google.com
Source: chromecache_124.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://login.sophos.com/login.sophos.com/oauth2/v2.0/authorize?p=B2C_1A_signup&client_id=cb303009-a
Source: chromecache_120.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_120.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_120.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_120.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_124.2.dr, chromecache_120.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_124.2.dr	String found in binary or memory: https://www.googletagmanager.com/dclk/ns/v1.js
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=
Source: chromecache_70.2.dr, chromecache_77.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B
Source: chromecache_120.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_124.2.dr	String found in binary or memory: https://www.redditstatic.com/ads/pixel.js
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal.aspx
Source: chromecache_110.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal/cookie-information
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal/cookie-information.aspx
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx
Source: chromecache_71.2.dr, chromecache_97.2.dr	String found in binary or memory: https://www.sophos.com/en-us/products/sophos-central.aspx

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49746 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@20/97@40/9

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1880,i,9304512019144231151,15516723976325891686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1880,i,9304512019144231151,15516723976325891686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1428963
Product:	CloudBasic
Start time:	23:08:03
Start date:	19.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://mail-cloudstation-us-west-2.prod.hydra.sophos.com/mail/api/xgemail/smart-banner/55e3e38d9bcbfbe895ad54204d157a6a