Play interactive tourEdit tour

Windows Analysis Report
https://outlook.office365.com/owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cMN2PR15MB265581B72BCA78783AC3110FE1122%40MN2PR15MB2655.namprd15.prod.outlook.com%3e

Overview

General Information

Sample URL:	https://outlook.office365.com/owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cMN2PR15MB265581B72BCA78783AC3110FE1122%40MN2PR15MB2655.namprd15.prod.outlook.com%3e
Analysis ID:	1430595
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Uses insecure TLS / SSL version for HTTPS connection

Classification

×

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Phishing

Found iframes

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: Iframe src: https://outlook.office365.com/owa/prefetch.aspx

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C	HTTP Parser: Title: Redirecting does not match URL
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: Title: Sign in to Outlook does not match URL
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: Title: Sign in to Outlook does not match URL
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: Title: Sign in to Outlook does not match URL
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: Title: Sign in to Outlook does not match URL

HTML body contains password input

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: <input type="password" .../> found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: <input type="password" .../> found

HTML page is missing a favicon

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C	HTTP Parser: No favicon
Source: https://outlook.office365.com/owa/prefetch.aspx	HTTP Parser: No favicon
Source: https://outlook.office365.com/owa/prefetch.aspx	HTTP Parser: No favicon

META author tag missing

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: No <meta name="author".. found

META copyright tag missing

Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=57884ebc-20ed-69b7-9f1b-a865892114a4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba&state=VYtBbsIwEEWT9ixhF-MZe2yzQFVCQWIRVHEDOx4qRBKjkJYrcGyyYcHi_cXTf3mWZZ8zHzO5nCezRjm9IqlQKzCOQJOwmqM5YSgDBi51K20ZjLKls0TUOsJV8PncPvJluvvl1_-Z732K3K2P7GPDt5v_5f3E_WI_TDwOPL3c97pQbXPAnyNQU6MhclBbrDeVddapaqMA5G4LgFho-XYUg--vYwQS1zFFkf6mLqWLaFNfKH4C&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=4b25dd10-2516-35d5-28c7-714815154269&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b&state=DcsxEoAwCABBouNzMDEQCM8hOrSWfl-Kve4KAOxpS6VlQIUm22jUtc2rD-Vx3m5uix4MZUMWEjT1QPFg06C5eJV8j_p-Xn8	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=dc4c82b9-9f23-cb47-45c1-7118250deb8a&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce&state=Dcs7FoAwCABBos_jYAgQQ46Tb2vp9aWY7TYAwOkOF8gD5RHTmkm4JkpiJOU2W1x3MbQ9BJWVsac8capaH603Giv4e8X3a_EH	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=45c0d02e-1ce4-6188-0c2e-73e3fe1a59d4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&nonce=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3&state=Dcs7EoAwCEVRouNyMOAjkSwnn7G1dPtSnNvdRER72EKSCN0Vbq0IIO5VVKycvU69Zgf7wmJbQ7mpNsYcxfxBfQZSvEd-v55_	HTTP Parser: No <meta name="copyright".. found

Compliance

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49766 version: TLS 1.0

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49805 version: TLS 1.2

Networking

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49766 version: TLS 1.0

Connects to IPs without corresponding DNS lookups

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 52.159.127.243
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64

Downloads files from webservers via HTTP

Source: global traffic	HTTP traffic detected: GET /owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cMN2PR15MB265581B72BCA78783AC3110FE1122%40MN2PR15MB2655.namprd15.prod.outlook.com%3e HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_0lriinjhzchre9aqecvmpg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; X-OWA-RedirectHistory=ArLym14BGS7xXtlj3Ag
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/applogos/53_7a3c80bf9694448bac31a9589d2e9e92.png HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49-small_2055002f2daae2ed8f69f03944c0e5d9.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/appbackgrounds/49_6ffe0a92d779c878835b40171ffc2e13.jpg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_presetpasswordsplitter_f7fbb7540d7be2ae771b.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /owa/ HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; X-OWA-RedirectHistory=ArLym14BGS7xXtlj3Ag
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_jHSrlUosdD1xxbmcR_lMNA2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l2bvdjfwt697xziuhxpwsg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_7f0a8c2a247460fad87f.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; OpenIdConnect.nonce.v3.N3qRrA14YiorlN6zmhaE1YEQyahs_lsaF3ZixY0HMvg=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b; X-OWA-RedirectHistory=ArLym14Bi7Ztb9lj3Ag|ArLym14BGS7xXtlj3Ag
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_eb638da25d4055fbbb57.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /owa/ HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; OpenIdConnect.nonce.v3.N3qRrA14YiorlN6zmhaE1YEQyahs_lsaF3ZixY0HMvg=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b; X-OWA-RedirectHistory=ArLym14Bi7Ztb9lj3Ag|ArLym14BGS7xXtlj3Ag
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; OpenIdConnect.nonce.v3.N3qRrA14YiorlN6zmhaE1YEQyahs_lsaF3ZixY0HMvg=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b; OpenIdConnect.nonce.v3.yp0b6NYJo5LnwyKCb7pn701jVtoj966VUs7Jnw8kSZU=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce; X-OWA-RedirectHistory=ArLym14Btcp1e9lj3Ag|ArLym14Bi7Ztb9lj3Ag|ArLym14BGS7xXtlj3Ag
Source: global traffic	HTTP traffic detected: GET /owa/ HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; OpenIdConnect.nonce.v3.N3qRrA14YiorlN6zmhaE1YEQyahs_lsaF3ZixY0HMvg=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b; OpenIdConnect.nonce.v3.yp0b6NYJo5LnwyKCb7pn701jVtoj966VUs7Jnw8kSZU=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce; X-OWA-RedirectHistory=ArLym14Btcp1e9lj3Ag|ArLym14Bi7Ztb9lj3Ag|ArLym14BGS7xXtlj3Ag
Source: global traffic	HTTP traffic detected: GET /owa/prefetch.aspx HTTP/1.1Host: outlook.office365.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ClientId=21005DA175D0486FB6CC7306B18DB8F9; OIDC=1; OpenIdConnect.nonce.v3.8lrqHfJIjxeKmLsEWTYt18TbOGRQMKZy88ZOq-mt830=638495032431685145.74ed6f2b-b2be-4c07-b637-87555c8529ba; OpenIdConnect.nonce.v3.N3qRrA14YiorlN6zmhaE1YEQyahs_lsaF3ZixY0HMvg=638495032708125745.ca9a9b3d-f749-4636-97af-6af497f38b4b; OpenIdConnect.nonce.v3.yp0b6NYJo5LnwyKCb7pn701jVtoj966VUs7Jnw8kSZU=638495032910138037.88e29f78-8fc3-4242-b15d-d448bcaba0ce; OpenIdConnect.nonce.v3.z4ilhCBFtC7tvpRUskPgo-WTXWKcoaqKj88CsoASsXA=638495033088601045.a6c12ca3-8d3d-4db1-9119-3cb548f36fb3; X-OWA-RedirectHistory=ArLym14B1esYhtlj3Ag|ArLym14Btcp1e9lj3Ag|ArLym14Bi7Ztb9lj3Ag|ArLym14BGS7xXtlj3Ag

Performs DNS lookups

Source: unknown

DNS traffic detected: queries for: outlook.office365.com

URLs found in memory or binary data

Source: chromecache_90.2.dr	String found in binary or memory: http://github.com/jquery/globalize
Source: chromecache_81.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_81.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_81.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_74.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_74.2.dr	String found in binary or memory: https://login.windows-ppe.net

Uses HTTPS

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49723 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49748 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49773 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49788 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49796 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.159.127.243:443 -> 192.168.2.6:49805 version: TLS 1.2

System Summary

Classification label

Source: classification engine

Classification label: clean2.win@24/84@24/10

Spawns processes

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2204,i,3844797713669142651,5628405617170372951,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://outlook.office365.com/owa/?viewmodel=ReadMessageItem&InternetMessageID=%3cMN2PR15MB265581B72BCA78783AC3110FE1122%40MN2PR15MB2655.namprd15.prod.outlook.com%3e"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=2204,i,3844797713669142651,5628405617170372951,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Found graphical window changes (likely an installer)

Source: Window Recorder

Window detected: More than 3 window changes detected