Windows Analysis Report
https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3d5IrBN9Vj0IX0gWiHjpV3vCx4QF2OX6a3rZOiFx%25252fkEFs%25253d%26ver%3d2.0

Overview

General Information

Sample URL:	https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3
Analysis ID:	1431290
Infos:

Detection

Score:	3
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Stores files to the Windows start menu directory

Submit button contains javascript call

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

Found iframes

Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Iframe src: https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Iframe src: https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Number of links: 0
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: Title: Sign in to your account does not match URL
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Title: Create account does not match URL
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Title: Create account does not match URL

Submit button contains javascript call

Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true

HTTP Parser: <input type="password" .../> found

Source: https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US

HTTP Parser: No favicon

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49728 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49718 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49728 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.49.37
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.49.37
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_0lriinjhzchre9aqecvmpg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /converged_ux_v2_nBE5FSqn9KpH44ZlTc3VqQ2.css?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lwsignupstringscountrybirthdate_en-us_gdxUIqa3ijrOefuBnwhTKg2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lightweightsignuppackage_MwksSuxFBgQ4Y619ES0DZQ2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lightweightsignuppackage_9itStK--DdHYjkMJSN7X3A2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: signup.live.com
Source: global traffic	DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: fpt.live.com

Source: unknown

HTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A410900D492X-BM-CBT: 1696428841X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A410900D492X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticshX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 2484Connection: Keep-AliveCache-Control: no-cacheCookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1713980295912&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF

Source: chromecache_124.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_124.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_124.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_120.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_120.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.31.1/LICENSE
Source: chromecache_122.2.dr, chromecache_111.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_135.2.dr, chromecache_170.2.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: chromecache_135.2.dr, chromecache_170.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/discovery/v2.0/keys
Source: chromecache_135.2.dr, chromecache_170.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/oauth2/v2.0/token
Source: chromecache_132.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Source: chromecache_122.2.dr, chromecache_111.2.dr	String found in binary or memory: https://login.windows-ppe.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49718 version: TLS 1.2

Source: classification engine

Classification label: clean3.win@22/123@22/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1992,i,4352217613125422035,14921878551457243964,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3d5IrBN9Vj0IX0gWiHjpV3vCx4QF2OX6a3rZOiFx%25252fkEFs%25253d%26ver%3d2.0"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1992,i,4352217613125422035,14921878551457243964,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: chromecache_162.2.dr	Binary or memory string: ",ConnectVirtualMachine:"
Source: chromecache_162.2.dr	Binary or memory string: ",DisconnectVirtualMachine:"

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.246.69	part-0041.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.213.69	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.141.105	www.google.com	United States	15169	GOOGLEUS	false
152.199.4.44	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.5

Contacted Domains

Name	IP	Active
bg.microsoft.map.fastly.net	199.232.214.172	true
cs1100.wpc.omegacdn.net	152.199.4.44	true
part-0041.t-0009.t-msedge.net	13.107.246.69	true
sni1gl.wpc.alphacdn.net	152.195.19.97	true
www.google.com	142.250.141.105	true
fp2e7a.wpc.phicdn.net	192.229.211.108	true
signup.live.com	unknown	unknown
identity.nel.measure.office.net	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
login.microsoftonline.com	unknown	unknown
fpt.live.com	unknown	unknown
acctcdn.msftauth.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US	false		high
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 16:38:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	74E6766F7418351371DEC678FC4B60ED	31F9A068B871BF8A0974A386C16D60C4F26EA02D	37A1B8D80145C50A1ACCF2A265AC4A13B8959A6EDCCD27690B0E7D7357D0C524
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 16:38:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	7BD7BE3C0D228C1173D7B9D9EBE5D128	246E18E59BB5E2093B97206BA2324AD3359D7FAC	2ABC5456A2268B886AB1F2C379844908A702B7C952292EB0BDF64091F6E0376C
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A8B5C89D721A45552975C6ABB8330337	4F8521970EF5A85C477000292ED4E977E919BEA4	0E28C50BE681026780DF3175468C1F9BDBC0F366C7AD19D3494A1B40B7026B33
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 16:38:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	C26547A0C17EE1357F32B4CE8C7C2371	6A727FB8C4BBD9D04CFEC275D83B815CF2538D08	A88D55029BA4F3372115D5F93EB4D3B1ADE7DBDB4BC5FB1DA7851DA33AAE9298
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 16:38:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	CF6E61F499B9AC3C7E4593B0BEC61810	79255DA8CCF70DD87BBEBDE240EE0D4330C3A143	A9519F9CA758E54F748A9A8AC0D90F19490E46076C6B374796D9E5F08CC154C0
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Apr 24 16:38:34 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide	A6E4A39E276BF6BA5CF8C13119C85242	5704DF04DF7CB5D9E03221D43C56B1C7D82E6E48	762A4F5AE41B6867C8F1C2DB05D8C81D7DA96724FCE4E07D7DEFAC42A52A12C1
Chrome Cache Entry: 109	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152	C1E82BF71ADD622AD0F3BF8572F634FC	6CA863D4CAB96669202548D301693B3F5F80B0D5	BA48AF15D297DB450DC4870242482145ADDB2D18375A4871C490429E2DC5464A
Chrome Cache Entry: 110	HTML document, ASCII text, with very long lines (956), with no line terminators	1F540C2060BA3C3AEBC5C4C29650AF0A	E4A99883E3D4207C47CE2FED1EE46F253E52631F	0BDAA318FBCAC70B9A5C99DBAA611128972A92867F730E30813CD835F33277DB
Chrome Cache Entry: 111	HTML document, ASCII text, with very long lines (2345), with CRLF line terminators	E86EF8B6111E5FB1D1665BCDC90888C9	994BF7651CB967CD9053056AF2D69ACB74DB7F29	3410242720DE50B090D07A23AEE2DAD879B31D36F2615732962EC4CFA8A9D458
Chrome Cache Entry: 112	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 113	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 114	JSON data	061B4DB0C50D80BCDA3C97A6FF077425	89DFB6A8BFAEEE0457092FED06A9AA92EE9387DC	4F71775CD97686D03503CA25B5299A4B6FE950A2BD46B395082E8B04B43E3A63
Chrome Cache Entry: 115	ASCII text, with very long lines (65460)	9DDEA63A6B5FE0C517541E8D54D7CE63	EE8D0DF1D636822FD29500A906ED06998221B769	A4EACDE3DA3E7E5CFB6B34FB69BBCDC1928E84FA5A70E0484E1CC1C0D3389B92
Chrome Cache Entry: 116	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 224	E61F0B987E7FA04847E5C351DBE9D8DE	18562B0741E8484649FA64E78990CFC97EE7A39F	016CF2A4A3FC33926FEED2F2EC5EDE7CC6E6B18392A10FAF599314C98A742263
Chrome Cache Entry: 117	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 118	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 119	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 120	ASCII text, with very long lines (65446)	15149A12CC042DCA2B5976D704D58AF4	5882D2DBF2EE0D7FA9B193F114AEE7FD2EB00939	5F74C854DC6B97753AFA0C34C3715EB9A5DB6F4DF519BFC9CA82BE403DAD9510
Chrome Cache Entry: 121	JSON data	061B4DB0C50D80BCDA3C97A6FF077425	89DFB6A8BFAEEE0457092FED06A9AA92EE9387DC	4F71775CD97686D03503CA25B5299A4B6FE950A2BD46B395082E8B04B43E3A63
Chrome Cache Entry: 122	HTML document, ASCII text, with very long lines (2345), with CRLF line terminators	E86EF8B6111E5FB1D1665BCDC90888C9	994BF7651CB967CD9053056AF2D69ACB74DB7F29	3410242720DE50B090D07A23AEE2DAD879B31D36F2615732962EC4CFA8A9D458
Chrome Cache Entry: 123	ASCII text, with very long lines (46480)	7131298AD2174508752F8E858EA68DE6	B8D5192FF0CBC609FFB1D2A9B9E292754A1CC99F	F1A54E92391653CC7DD5D4480EF80F578B2A2C77E6E421B7C9AAFA0AC4586E75
Chrome Cache Entry: 124	ASCII text, with very long lines (45563)	0A1A5BA009FB1F25E3F3D036D8CF26CE	8E9E6A11CED0807252C34DCA1D8C7C2390D1A5CA	94153F2A6DAAE35DFCB61DC987E2D4310B7CA021E36375E87D8B8C641C0C6121
Chrome Cache Entry: 125	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 126	ASCII text, with no line terminators	6BB67F495601048D153FBC0E1B5D05CE	23A3E77DB69B11287E84568C2E94192A1EBE4E2C	5B053E9B260D50775B96A767F054A10724CF5EC33A2A5AD06842AB96B439A108
Chrome Cache Entry: 127	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 209473	21FB34953E9C14B9D9AF42A16B01EEDA	5725579A2A405A8595835AB0D1C0266EB095F026	843C1FEEDDF2F3EBD449DDBE12938ED61D0E5A8385E9798873024180068DAA39
Chrome Cache Entry: 128	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 129	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 80144	A37BDBB8F418A4014C99AC1393E58A58	00C49FEF2C56BC87AAF99FAEE903E05986234BC8	99EF7CD8BC7584B2645FA63F11E101B1377CE314D7738FA57CB886813906BBD1
Chrome Cache Entry: 130	HTML document, ASCII text, with very long lines (2627), with CRLF line terminators	7CF9B90323703F91B395C965547479C1	3A40FE88064D0FD3AB8888A4F46273E03DA65284	2882C645D0D8782986164226296B19DB3C92938BB391DF7BDA4EED71D13BD672
Chrome Cache Entry: 131	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592	4761405717E938D7E7400BB15715DB1E	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
Chrome Cache Entry: 132	JSON data	9FCE93410EB828E0EDF41D3F021D93E2	1584BC813F34E9B7356C6BD05CB2A14EC52E1590	F463580C98FD336D4E69E7DCA36CF345A81A5E402F61D9F870EAE9D8C4E59DE9
Chrome Cache Entry: 133	ASCII text, with very long lines (65464)	C2BB805FC8B25BF3FE5B5C1865BD1155	6FA491DDB5CD48A75D32AB474D2BF08477C34860	F22C0E077993BC20AEC1A2EF52B37D64C653A663529D087D2DE78EC3B54FAA0A
Chrome Cache Entry: 134	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 135	JSON data	3E2129EC7EE0D22D5874D661893921C0	E6B20A5603F8B9292D46E2A74E32D1DDC6229196	C45868384DFD77121A6D62BA32304628C211FDC6D471CB985348D731890B6E96
Chrome Cache Entry: 136	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 137	ASCII text, with very long lines (65465)	B73411B9E8D67C925F892CC2E559AF8A	91488C9D5097752D080B92A6A56DBDC8FCBC9CE7	D8477933FA1E162357630AD8C86BC00345FB7716E31D94E7DE0B844D2B5476EC
Chrome Cache Entry: 138	ASCII text, with no line terminators	99611A6D80395B12231C73E816E7D424	1D9B4F007636E97FC38CD366ECB7792A9513A81E	72DB13BC6923ED0C46BA754742323429E8F431D014EC5E21A64ECBD736BD790E
Chrome Cache Entry: 139	JSON data	0E0B4EC2E9BB0149DC3C8505D580DDCF	23AC5D255AB965A2020E50DC1A734F7AF21C1BFC	FAB6325115456F770B3C0A2A17ADE45F98015C270EFEE1CBFC19C4EAA09F6212
Chrome Cache Entry: 140	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 55037	098D00E9154C1A4848DA016205C19CE9	E25940FD37302594D14B1884D70F75261059F26D	2BF70F1B03D3739907578441359DD07F2BE363C0AA052895C6C163D176F41393
Chrome Cache Entry: 141	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 142	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 143	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 144	ASCII text, with no line terminators	06B313E93DD76909460FBFC0CD98CB6B	C4F9B2BBD840A4328F85F54873C434336A193888	B4532478707B495D0BB1C21C314AEF959DD1A5E0F66E52DAD5FC332C8B697CBA
Chrome Cache Entry: 145	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 15708	36ECDA9D08A21DBDBFADCE2A9B5F0E19	5B94BD8CF0CB10F2B18EBE3057ADD73B1DD2D238	05780B1268E4D1B6C254BC6D9084EBDD7594AC9C9C3EF31B9EF421C85ECB0B35
Chrome Cache Entry: 146	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592	4761405717E938D7E7400BB15715DB1E	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
Chrome Cache Entry: 147	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 148	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113657	FCF71472EFC9E614B10DFD499805F729	CF1FA991F9F08068F8F5F4D188D741BF5C2B7722	23FF9B1A108B620EB12123003F37200042B120F3A554D3772B55F6366BDD4652
Chrome Cache Entry: 149	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 150	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 223759	3F98A175D5232F665BEFFC23352D7176	8413FCCF22CEBAAED144736F5415F09EFD45CE48	C6D80B97A3828280862163C72A94F5902F10D927FA1F6BDEAB5479B94F04F5AC
Chrome Cache Entry: 151	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 152	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 153	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 444357	5B2E3B2B1A706C0101B503B72F0A9B6F	4611FB4775572B46A5A14A6B12A52B558831A18D	D40DCDEAA08322A4EB75A7C4B2CD80675D5A75D4542A98B4C3E4992A810E9778
Chrome Cache Entry: 154	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 155	JSON data	9FCE93410EB828E0EDF41D3F021D93E2	1584BC813F34E9B7356C6BD05CB2A14EC52E1590	F463580C98FD336D4E69E7DCA36CF345A81A5E402F61D9F870EAE9D8C4E59DE9
Chrome Cache Entry: 156	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 28981	E136BF6A4163DFAF362EE33A5CCE2141	6BF60E30FD6DC097BD7F50F67622C6ED2E9117FC	4C9D555EA3719C873C5EDDA8B109BD4A136ACBECE2DD0324FD7634F63BB4584E
Chrome Cache Entry: 157	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 22961	B59E39F9921CAFCA149EB9685B51F656	CE99E1B2CA50537D61B5F6004EA2D0F528725979	72DE626A972E4867B3D7A5E1E3A08812FD74C25FAD1132E934AD3565FFD5AD78
Chrome Cache Entry: 158	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 209667	5CD2B9AF646C5F18C0EC3285217823DA	1A8137E3ACB4134BC673C93B9E0F8C8A3D88C342	C05F76060D21B896CD9E06D7B6FBA8EADDA1192D5C2054E13848B1A352B608F1
Chrome Cache Entry: 159	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 95910	5E5918E943A26D2E4037BD7418076110	06B96FC7B61F3EF879A3D37536AE28BC47B0CF48	1F0A2E09C97C138320FBA7E9291D31247912914223FBFE953917005BAC107A88
Chrome Cache Entry: 160	ASCII text, with very long lines (33967)	B43B94F026B1452991CEE9B4F34B10D5	5E67BB18197C471B858E60EB001A02F546BB6BB6	FFFEADD79D49C3FE10FEA3B2D325D9CBBFCF301CE6AEB8DCCA4FC9B19B7FF2B7
Chrome Cache Entry: 161	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 162	Unicode text, UTF-8 text, with very long lines (61934), with no line terminators	7101A8AAF9A5254C220E4EDA49A59F8D	99E73B4FD2273187C07B868A9A1059A23135B8C2	CD91E5CB1719CB3E852E88D0724AC37A1AFBD0BB987A0B097E668C81A4F0DFB8
Chrome Cache Entry: 163	JSON data	061B4DB0C50D80BCDA3C97A6FF077425	89DFB6A8BFAEEE0457092FED06A9AA92EE9387DC	4F71775CD97686D03503CA25B5299A4B6FE950A2BD46B395082E8B04B43E3A63
Chrome Cache Entry: 164	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 165	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 166	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 8111	1A9078EB7795CC2AB9BE86D02D21A853	0CD912EEE4E1FE283AD99FA0C69CDC1F32DA7025	B68C76624B9979DA1E4138A3570F2F944CF67343AFE8EC089C15E0266E8E2D35
Chrome Cache Entry: 167	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 168	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 169	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 170	JSON data	3E2129EC7EE0D22D5874D661893921C0	E6B20A5603F8B9292D46E2A74E32D1DDC6229196	C45868384DFD77121A6D62BA32304628C211FDC6D471CB985348D731890B6E96
Chrome Cache Entry: 171	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113084	92A840DC3D177339DAE03FEDF22A22B5	C1C9A6E6442388D07A9D9D72C12DA25094D6920F	4A986BA8875F22A0EABC356112A6790F90E114ADB72EAEC4632E03812EC1EDE4
Chrome Cache Entry: 172	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 173	JSON data	061B4DB0C50D80BCDA3C97A6FF077425	89DFB6A8BFAEEE0457092FED06A9AA92EE9387DC	4F71775CD97686D03503CA25B5299A4B6FE950A2BD46B395082E8B04B43E3A63
Chrome Cache Entry: 174	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 224	E61F0B987E7FA04847E5C351DBE9D8DE	18562B0741E8484649FA64E78990CFC97EE7A39F	016CF2A4A3FC33926FEED2F2EC5EDE7CC6E6B18392A10FAF599314C98A742263
Chrome Cache Entry: 175	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 176	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 273170	68B3385A6DFFC8D64E019832ACC918ED	7D29DDA429CED1040EE8959B5688387D4DD1B4E0	17190922204C288B25C7DB6B10EB4130B147C53171E442B25BC1F2D56BB74AEC

Found iframes

Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Iframe src: https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Iframe src: https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Number of links: 0
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: Title: Sign in to your account does not match URL
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Title: Create account does not match URL
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: Title: Create account does not match URL

Submit button contains javascript call

Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();

HTTP Parser: <input type="password" .../> found

Source: https://fpt.live.com/?session_id=421db01fa45d4b55a2c012f4ab17225f&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU&mkt=EN-US

HTTP Parser: No favicon

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=2793995e-0a7d-40d7-bd35-6968ba142197&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fmyapps.microsoft.com%2F&client-request-id=421db01f-a45d-4b55-a2c0-12f4ab17225f&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.37.1&client_info=1&code_challenge=U-7XMGdIVCRCeuWrA_C3qhJuDNGmhEyBw5zuyXEgvJI&code_challenge_method=S256&nonce=a254f06a-f3b0-4454-aedb-8ce35049f3eb&state=eyJpZCI6IjQyMTRmMGRkLWYxNDMtNDFhZi04ZTM3LTBjYWI0ZGQzZGUyYiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3d7DEE5A5D1B83C921%26opidt%3d1713980349%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3d096C34F011F368CB%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?sru=https%3a%2f%2flogin.live.com%2foauth20_authorize.srf%3flc%3d1033%26client_id%3d2793995e-0a7d-40d7-bd35-6968ba142197%26mkt%3dEN-US%26opid%3dAA8E59DEFCB20667%26opidt%3d1713980366%26uaid%3d421db01fa45d4b55a2c012f4ab17225f%26contextid%3dA9DDC1974D22D3A3%26opignore%3d1&mkt=EN-US&uiflavor=web&lw=1&fl=easi2&client_id=2793995e-0a7d-40d7-bd35-6968ba142197&uaid=421db01fa45d4b55a2c012f4ab17225f&suc=2793995e-0a7d-40d7-bd35-6968ba142197&lic=1	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49728 version: TLS 1.0

Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49718 version: TLS 1.2

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49728 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.49.37
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 23.202.57.177
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.49.37
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_ChpboAn7HyXj89A22M8mzg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_4aBF4cdky--I3Cpch7JoPw2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_0lriinjhzchre9aqecvmpg2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /converged_ux_v2_nBE5FSqn9KpH44ZlTc3VqQ2.css?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lwsignupstringscountrybirthdate_en-us_gdxUIqa3ijrOefuBnwhTKg2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lightweightsignuppackage_MwksSuxFBgQ4Y619ES0DZQ2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/dropdown_caret_KXSZjGsyILZaoTf0sI9X-A2.svg HTTP/1.1Host: acctcdn.msauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lightweightsignuppackage_9itStK--DdHYjkMJSN7X3A2.js?v=1 HTTP/1.1Host: acctcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: signup.live.com
Source: global traffic	DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: fpt.live.com

Source: unknown

Source: chromecache_124.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_124.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_124.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_120.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_120.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.31.1/LICENSE
Source: chromecache_122.2.dr, chromecache_111.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_135.2.dr, chromecache_170.2.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: chromecache_135.2.dr, chromecache_170.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/discovery/v2.0/keys
Source: chromecache_135.2.dr, chromecache_170.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/oauth2/v2.0/token
Source: chromecache_132.2.dr, chromecache_155.2.dr	String found in binary or memory: https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Source: chromecache_122.2.dr, chromecache_111.2.dr	String found in binary or memory: https://login.windows-ppe.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49717 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 23.202.57.177:443 -> 192.168.2.5:49718 version: TLS 1.2

Source: classification engine

Classification label: clean3.win@22/123@22/6

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1992,i,4352217613125422035,14921878551457243964,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3d5IrBN9Vj0IX0gWiHjpV3vCx4QF2OX6a3rZOiFx%25252fkEFs%25253d%26ver%3d2.0"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1992,i,4352217613125422035,14921878551457243964,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: chromecache_162.2.dr	Binary or memory string: ",ConnectVirtualMachine:"
Source: chromecache_162.2.dr	Binary or memory string: ",DisconnectVirtualMachine:"

ID:	1431290
Product:	CloudBasic
Start time:	19:37:37
Start date:	24.04.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3d5IrBN9Vj0IX0gWiHjpV3vCx4QF2OX6a3rZOiFx%25252fkEFs%25253d%26ver%3d2.0

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3d5IrBN9Vj0IX0gWiHjpV3vCx4QF2OX6a3rZOiFx%25252fkEFs%25253d%26ver%3d2.0

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Boot Survival

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://login.microsoftonline.com/redeem?rd=https%3a%2f%2finvitations.microsoft.com%2fredeem%2f%3ftenant%3d705d07a3-2eea-4f3b-ab59-65ca29abeb26%26user%3d65e63eb1-1758-4031-ada6-0507ebc55fae%26ticket%3d5IrBN9Vj0IX0gWiHjpV3vCx4QF2OX6a3rZOiFx%25252fkEFs%25253d%26ver%3d2.0