Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z

Overview

General Information

Sample URL:https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmx
Analysis ID:1611314
Infos:

Detection

Score:60
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Antivirus detection for URL or domain
AI detected suspicious Javascript
Detected suspicious crossdomain redirect
HTML body contains low number of good links
HTML body contains password input but no form action
HTML body with high number of embedded SVGs detected
HTML body with high number of embedded images detected
HTML title does not match URL
Invalid T&C link found
Stores files to the Windows start menu directory

Classification

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 4872 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6896 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1936,i,17990906817109875502,10326347469112585898,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6516 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxg" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for URL or domain
Source: https://invoicepayout.storagedocumentapp.com/gQete/1.pngAvira URL Cloud: Label: malware
Source: https://5023386162.hostingfederal.com/next.phpAvira URL Cloud: Label: malware

Phishing

barindex
AI detected phishing page
Source: https://invoicepayout.storagedocumentapp.com/gQete/Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'invoicepayout.storagedocumentapp.com' does not match the legitimate domain 'microsoft.com'., The domain 'storagedocumentapp.com' is not associated with Microsoft., The use of a subdomain 'invoicepayout' and the main domain 'storagedocumentapp.com' is suspicious and not typical for Microsoft services., The presence of input fields asking for email on a non-Microsoft domain increases the risk of phishing. DOM: 2.8.pages.csv
Source: https://invoicepayout.storagedocumentapp.com/gQete/Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'invoicepayout.storagedocumentapp.com' does not match the legitimate domain 'microsoft.com'., The domain 'storagedocumentapp.com' is not associated with Microsoft and appears to be a generic or unrelated domain., The use of a subdomain 'invoicepayout' could be an attempt to mimic a legitimate service or function related to Microsoft., The email domain 'omegalole.net' is unrelated to Microsoft, which raises suspicion., The URL structure and domain do not align with typical Microsoft services or products. DOM: 2.9.pages.csv
AI detected suspicious Javascript
Source: 0.45.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://invoicepayout.storagedocumentapp.com/gQete... This script exhibits several high-risk behaviors, including dynamic code execution through the use of `atob()` to decode a value from the URL, and potential data exfiltration by sending the decoded value to an unknown destination. The script also uses obfuscated code and URL parameters, which further increases the risk. While the specific intent is unclear, the overall behavior is highly suspicious and indicative of a potentially malicious script.
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: Number of links: 0
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://app.powerbi.com/view?r=eyJrIjoiYjA5NTdkOTItOTU5ZC00MTIwLTk4ZjUtNGU5OGViNWU5MDM5IiwidCI6IjE1MWMxNjZlLWM3ZWEtNGI1ZC1hMjQ3LTNkMTAyNTEzY2IwMyJ9HTTP Parser: Total embedded SVG size: 302613
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: Total embedded image size: 123322
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: Title: Sharing Link Validation does not match URL
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: Invalid link: Privacy & Cookies
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: Invalid link: Privacy & Cookies
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: <input type="password" .../> found
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No favicon
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No favicon
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No favicon
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No favicon
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No favicon
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No <meta name="author".. found
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No <meta name="author".. found
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No <meta name="copyright".. found
Source: https://invoicepayout.storagedocumentapp.com/gQete/HTTP Parser: No <meta name="copyright".. found
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: us-west-2.protection.sophos.com to https://app.powerbi.com/view?r=eyjrijoiyja5ntdkotitotu5zc00mtiwltk4zjutngu5ogvinwu5mdm5iiwidci6ije1mwmxnjzllwm3zwetngi1zc1hmjq3ltnkmtayntezy2iwmyj9
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxg HTTP/1.1Host: us-west-2.protection.sophos.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /view?r=eyJrIjoiYjA5NTdkOTItOTU5ZC00MTIwLTk4ZjUtNGU5OGViNWU5MDM5IiwidCI6IjE1MWMxNjZlLWM3ZWEtNGI1ZC1hMjQ3LTNkMTAyNTEzY2IwMyJ9 HTTP/1.1Host: app.powerbi.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/styles/reportembed.bundle.min.5d1cb0e7c3a68f0eec05.css HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportembed.externals.bundle.min.40263725b44d9c8afdc6.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/spinner-PBI-logo.6434e0fca135a582c323.svg HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/jquery.globalize/globalize.min.8e8ec43af69cf3d5d7aa.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /13.0.25216.48/scripts/hash-manifest.js HTTP/1.1Host: app.powerbi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/view?r=eyJrIjoiYjA5NTdkOTItOTU5ZC00MTIwLTk4ZjUtNGU5OGViNWU5MDM5IiwidCI6IjE1MWMxNjZlLWM3ZWEtNGI1ZC1hMjQ3LTNkMTAyNTEzY2IwMyJ9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: WFESessionId=bbfb3f7c-1bb4-4c25-9a6a-6de82b9d29c6; ARRAffinity=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ARRAffinitySameSite=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/stylelibrary.min.af1ebe07c94da052e9c0.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.vendors.min.00cb94b45fbce65236d9.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.min.967e1375fba5f1ce4cc0.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/jquery-ui.min.54471b21b524931a54a1.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/spinner-PBI-logo.6434e0fca135a582c323.svg HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/jquery.globalize/globalize.min.8e8ec43af69cf3d5d7aa.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/jquery.globalize/globalize.culture.en-US.07ca294f77f622a072a5.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/stylelibrary.min.af1ebe07c94da052e9c0.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportembed.externals.bundle.min.40263725b44d9c8afdc6.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/jquery.globalize/globalize.culture.en-US.07ca294f77f622a072a5.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/jquery-ui.min.54471b21b524931a54a1.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /13.0.25216.48/scripts/hash-manifest.js HTTP/1.1Host: app.powerbi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ARRAffinity=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ARRAffinitySameSite=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.vendors.min.00cb94b45fbce65236d9.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.min.967e1375fba5f1ce4cc0.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.app-insights.min.684cff08c0aabc39fc67.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.PowerBIResources.min.144d910635bc1ba1a468.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.fluent-no-header-teal.json.min.4a5ae9ddb3ba87e29f0d.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.fluent-no-header-teal.json.min.4a5ae9ddb3ba87e29f0d.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.app-insights.min.684cff08c0aabc39fc67.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.PowerBIResources.min.144d910635bc1ba1a468.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.json-contracts.min.2031364fe1a9b0277b56.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/fonts/PowrMDL3.fa7dc9744c4804830659.woff HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://app.powerbi.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.5d1cb0e7c3a68f0eec05.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.json-contracts.min.2031364fe1a9b0277b56.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/PowerBI_Favicon.ico HTTP/1.1Host: app.powerbi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.powerbi.com/view?r=eyJrIjoiYjA5NTdkOTItOTU5ZC00MTIwLTk4ZjUtNGU5OGViNWU5MDM5IiwidCI6IjE1MWMxNjZlLWM3ZWEtNGI1ZC1hMjQ3LTNkMTAyNTEzY2IwMyJ9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: WFESessionId=bbfb3f7c-1bb4-4c25-9a6a-6de82b9d29c6; ARRAffinity=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ARRAffinitySameSite=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ai_user=rg0D3OW71+5iOb8BKzy8Lu|2025-02-10T18:20:51.726Z; ai_session=R6DXjPHE6S4beDnn38Sucj|1739211651728|1739211651728
Source: global trafficHTTP traffic detected: GET /public/reports/b0957d92-959d-4120-98f5-4e98eb5e9039/modelsAndExploration?preferReadOnlySession=true HTTP/1.1Host: wabi-australia-east-b-primary-api.analysis.windows.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0RequestId: 68afaaae-2a69-a809-e32c-57ea28e30f4eUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36ActivityId: bb5f3bd7-653e-b9b9-cb1f-ce87b55fa4a0Accept: application/json, text/plain, */*X-PowerBI-ResourceKey: b0957d92-959d-4120-98f5-4e98eb5e9039sec-ch-ua-platform: "Windows"Origin: https://app.powerbi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /images/PowerBI_Favicon.ico HTTP/1.1Host: app.powerbi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ARRAffinity=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ARRAffinitySameSite=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ai_user=rg0D3OW71+5iOb8BKzy8Lu|2025-02-10T18:20:51.726Z; ai_session=R6DXjPHE6S4beDnn38Sucj|1739211651728|1739211651728
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/externals/jquery-ui.min.60b2fc2bc042fc6831db.css HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.reportEmbed.visuals.min.8e509e7a3e42b4fe7489.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.insightsui.min.f20d10532524f77c6246.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/share-facebook.540e7e87b568d0d2ad97.svg HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.5d1cb0e7c3a68f0eec05.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/share-twitter.c94072a684b92b928aae.svg HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.5d1cb0e7c3a68f0eec05.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/share-linkedIn.5b7b4c094669d1400606.svg HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.5d1cb0e7c3a68f0eec05.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /approvedResources.json HTTP/1.1Host: pbivisuals.powerbi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.powerbi.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /public/reports/b0957d92-959d-4120-98f5-4e98eb5e9039/modelsAndExploration?preferReadOnlySession=true HTTP/1.1Host: wabi-australia-east-b-primary-api.analysis.windows.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.ExplorationPersistentState.min.ee5a98df6c38c06b7a3e.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/externals/powerbi-models.min.a76413e31e0393bc1470.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/externals/jquery-ui.min.02de7165092644634e71.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/share-facebook.540e7e87b568d0d2ad97.svg HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/share-twitter.c94072a684b92b928aae.svg HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/share-linkedIn.5b7b4c094669d1400606.svg HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.visual-container-skittles.min.d7111ddc37296613aa57.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/fluentui-icons.5e6faf126288a813b771.svg HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.powerbi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /13.0.25216.48/sharedresources/BaseThemes/CY24SU10.json HTTP/1.1Host: app.powerbi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0RequestId: 4e282046-601f-276c-9aa8-14b7f8b446e1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36ActivityId: bb5f3bd7-653e-b9b9-cb1f-ce87b55fa4a0Accept: application/json, text/plain, */*X-PowerBI-ResourceKey: b0957d92-959d-4120-98f5-4e98eb5e9039sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.powerbi.com/view?r=eyJrIjoiYjA5NTdkOTItOTU5ZC00MTIwLTk4ZjUtNGU5OGViNWU5MDM5IiwidCI6IjE1MWMxNjZlLWM3ZWEtNGI1ZC1hMjQ3LTNkMTAyNTEzY2IwMyJ9Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: WFESessionId=bbfb3f7c-1bb4-4c25-9a6a-6de82b9d29c6; ARRAffinity=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ARRAffinitySameSite=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ai_user=rg0D3OW71+5iOb8BKzy8Lu|2025-02-10T18:20:51.726Z; ai_session=R6DXjPHE6S4beDnn38Sucj|1739211651728|1739211651728
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.reportEmbed.visuals.min.8e509e7a3e42b4fe7489.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.ExplorationPersistentState.min.ee5a98df6c38c06b7a3e.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/externals/powerbi-models.min.a76413e31e0393bc1470.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/externals/jquery-ui.min.02de7165092644634e71.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.insightsui.min.f20d10532524f77c6246.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /approvedResources.json HTTP/1.1Host: pbivisuals.powerbi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.visual-container-skittles.min.d7111ddc37296613aa57.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.CopyVisualImage.min.ee1fa7f10a31e96e5160.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/images/fluentui-icons.5e6faf126288a813b771.svg HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.TextboxVisual.min.c4c1e01b8cee66eb9d12.js HTTP/1.1Host: content.powerapps.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /13.0.25216.48/sharedresources/BaseThemes/CY24SU10.json HTTP/1.1Host: app.powerbi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ARRAffinity=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ARRAffinitySameSite=d18ffea516fc61e70e17903a154d4cb10e9da3226b374aa80bb8036660648560; ai_user=rg0D3OW71+5iOb8BKzy8Lu|2025-02-10T18:20:51.726Z; ai_session=R6DXjPHE6S4beDnn38Sucj|1739211651728|1739211651728
Source: global trafficHTTP traffic detected: GET /visuals.json HTTP/1.1Host: appsource.powerbi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://app.powerbi.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.TextboxVisual.min.c4c1e01b8cee66eb9d12.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /resource/powerbiwfe/scripts/reportEmbed.CopyVisualImage.min.ee1fa7f10a31e96e5160.js HTTP/1.1Host: content.powerapps.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /visuals.json HTTP/1.1Host: appsource.powerbi.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /public/reports/conceptualschema HTTP/1.1Host: wabi-australia-east-b-primary-api.analysis.windows.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /gQete/ HTTP/1.1Host: invoicepayout.storagedocumentapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/8a57887573f2/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /turnstile/v0/g/8a57887573f2/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/fc74p/0x4AAAAAAA56VtoCeX5uEo1y/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=90fe1dfd985e43a7&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/fc74p/0x4AAAAAAA56VtoCeX5uEo1y/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/fc74p/0x4AAAAAAA56VtoCeX5uEo1y/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: invoicepayout.storagedocumentapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://invoicepayout.storagedocumentapp.com/gQete/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=r38uicris6evtfs980lem3ns97
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=90fe1dfd985e43a7&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1438183020:1739207724:Gg68OASIBhSFYFo0cWS-KMFtXk_B7wzY70SK0-ioMVU/90fe1dfd985e43a7/zGIdJDA4X.2LFz1H_nYmWzEIcQ_OLrjxs3xsUpHhrn8-1739211668-1.1.1.1-tN1FAC4yHkbAQx4jduWl56XtCq5fMoF_l67ICRd2o.GGmzl0iJgfPuhbA3xUCeL8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/pat/90fe1dfd985e43a7/1739211669817/d30dee3dd699497bfeba2fe677734f450ce4054bbe6cf15ee209b0d5dcf4b16e/xgBFn4bd8AapTR9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/fc74p/0x4AAAAAAA56VtoCeX5uEo1y/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/90fe1dfd985e43a7/1739211669820/1gkX_WCQToHOwZ7 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/fc74p/0x4AAAAAAA56VtoCeX5uEo1y/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/d/90fe1dfd985e43a7/1739211669820/1gkX_WCQToHOwZ7 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1438183020:1739207724:Gg68OASIBhSFYFo0cWS-KMFtXk_B7wzY70SK0-ioMVU/90fe1dfd985e43a7/zGIdJDA4X.2LFz1H_nYmWzEIcQ_OLrjxs3xsUpHhrn8-1739211668-1.1.1.1-tN1FAC4yHkbAQx4jduWl56XtCq5fMoF_l67ICRd2o.GGmzl0iJgfPuhbA3xUCeL8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/flow/ov1/1438183020:1739207724:Gg68OASIBhSFYFo0cWS-KMFtXk_B7wzY70SK0-ioMVU/90fe1dfd985e43a7/zGIdJDA4X.2LFz1H_nYmWzEIcQ_OLrjxs3xsUpHhrn8-1739211668-1.1.1.1-tN1FAC4yHkbAQx4jduWl56XtCq5fMoF_l67ICRd2o.GGmzl0iJgfPuhbA3xUCeL8 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://invoicepayout.storagedocumentapp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://invoicepayout.storagedocumentapp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://invoicepayout.storagedocumentapp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /jquery-3.2.1.slim.min.js HTTP/1.1Host: code.jquery.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap.min.js HTTP/1.1Host: 5023386162-1317754460.cos.ap-singapore.myqcloud.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2019/04/office_365.png.webp HTTP/1.1Host: yourmactech.com.auConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /bootstrap.min.js HTTP/1.1Host: 5023386162-1317754460.cos.ap-singapore.myqcloud.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wp-content/uploads/2019/04/office_365.png.webp HTTP/1.1Host: yourmactech.com.auConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /next.php HTTP/1.1Host: 5023386162.hostingfederal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /gQete/1.png HTTP/1.1Host: invoicepayout.storagedocumentapp.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://invoicepayout.storagedocumentapp.com/gQete/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=r38uicris6evtfs980lem3ns97
Source: global trafficHTTP traffic detected: GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://invoicepayout.storagedocumentapp.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://invoicepayout.storagedocumentapp.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /next.php HTTP/1.1Host: 5023386162.hostingfederal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: us-west-2.protection.sophos.com
Source: global trafficDNS traffic detected: DNS query: app.powerbi.com
Source: global trafficDNS traffic detected: DNS query: content.powerapps.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: dc.services.visualstudio.com
Source: global trafficDNS traffic detected: DNS query: wabi-australia-east-b-primary-api.analysis.windows.net
Source: global trafficDNS traffic detected: DNS query: pbivisuals.powerbi.com
Source: global trafficDNS traffic detected: DNS query: appsource.powerbi.com
Source: global trafficDNS traffic detected: DNS query: invoicepayout.storagedocumentapp.com
Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: code.jquery.com
Source: global trafficDNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global trafficDNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global trafficDNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global trafficDNS traffic detected: DNS query: 5023386162-1317754460.cos.ap-singapore.myqcloud.com
Source: global trafficDNS traffic detected: DNS query: 5023386162.hostingfederal.com
Source: global trafficDNS traffic detected: DNS query: yourmactech.com.au
Source: unknownHTTP traffic detected: POST /v2/track HTTP/1.1Host: dc.services.visualstudio.comConnection: keep-aliveContent-Length: 21865sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-type: application/jsonsec-ch-ua-mobile: ?0Sdk-Context: appIdUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://app.powerbi.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.powerbi.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 10 Feb 2025 18:21:09 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400CF-Cache-Status: HITAge: 115Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYdWep1DwFa8LUZO1ZAPWWtBjPqdl1a66H4uoo9VQ%2BF%2BR5c%2FhjEAmCDQN2q9RMNYzvhjwohLPvQipkNnajrED4MtQgDudL9J2ktRZW6Eyg4Dr2NpKmoOFGFXFF6H%2FKAKMVuQ1ErRSCBfVmdJLMcybWprK64Tnh0%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 90fe1e043fb05e6b-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1604&min_rtt=1598&rtt_var=613&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2858&recv_bytes=1258&delivery_rate=1766485&cwnd=247&unsent_bytes=0&cid=48196524e8e79287&ts=3373&x=0"
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 10 Feb 2025 18:21:28 GMTContent-Type: text/html; charset=iso-8859-1Transfer-Encoding: chunkedConnection: closeCache-Control: max-age=14400CF-Cache-Status: HITAge: 126Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aotg7Bo1fmcOiDE1bOUwdJMDeeHib1R3L%2FOuvFz4lA2V786Hl2WbFZNtgu1EN%2FTu7yFsphpa8Rz76xw184yx8Z4tcV8JAm1T430T5xdCtcbAWI4%2FWjNcYFkusVcQGZOIHxSnxwXutMPSlOcdfeUigh5vpFvywHM%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 90fe1e7b49a3431c-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1684&min_rtt=1681&rtt_var=637&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2857&recv_bytes=1258&delivery_rate=1709601&cwnd=238&unsent_bytes=0&cid=8a7b98c5d7eb1114&ts=10306&x=0"
Source: chromecache_194.1.dr, chromecache_159.1.drString found in binary or memory: http://github.com/jquery/globalize
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://interactjs.io/docs/#autoscroll
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://interactjs.io/docs/#resize-square
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://interactjs.io/docs/inertia
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://interactjs.io/docs/restriction
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://interactjs.io/docs/snapping
Source: chromecache_208.1.dr, chromecache_194.1.dr, chromecache_151.1.dr, chromecache_159.1.drString found in binary or memory: http://jquery.org/license
Source: chromecache_165.1.drString found in binary or memory: http://jqueryui.com
Source: chromecache_165.1.drString found in binary or memory: http://jqueryui.com/themeroller/?scope=&folderName=base&cornerRadiusShadow=8px&offsetLeftShadow=0px&
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://jscompress.com/
Source: chromecache_204.1.dr, chromecache_183.1.drString found in binary or memory: http://opensource.org/licenses/MIT).
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: http://underscorejs.org/LICENSE
Source: chromecache_196.1.dr, chromecache_202.1.drString found in binary or memory: http://wiki.jqueryui.com/Globalize
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://dev.azure.com/powerbi/PowerBIClients/_git/PowerBIClients/pullrequest/131629)
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4iaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4jaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4kaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4saVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4taVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4uaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4vaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x5OaVI
Source: chromecache_209.1.drString found in binary or memory: https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x5caVI
Source: chromecache_214.1.dr, chromecache_188.1.dr, chromecache_189.1.drString found in binary or memory: https://getbootstrap.com)
Source: chromecache_203.1.dr, chromecache_169.1.drString found in binary or memory: https://getbootstrap.com/)
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://github.com/gromo/jquery.scrollbar/
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://github.com/jquery/PEP
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://github.com/requirejs/requirejs/blob/master/LICENSE
Source: chromecache_214.1.dr, chromecache_188.1.dr, chromecache_189.1.dr, chromecache_203.1.dr, chromecache_169.1.drString found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_214.1.dr, chromecache_189.1.dr, chromecache_203.1.dr, chromecache_169.1.drString found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://lodash.com/
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://lodash.com/license
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://openjsf.org/
Source: chromecache_208.1.dr, chromecache_151.1.drString found in binary or memory: https://raw.github.com/taye/interact.js/master/LICENSE
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49861
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50125 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49854
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50113 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 50040 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49839
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 49921 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 49887 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50119 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49830
Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49927 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49885 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49898
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49894
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49891
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49905 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49887
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49886
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49885
Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49883
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49940 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
Source: unknownNetwork traffic detected: HTTP traffic on port 50089 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50121 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49891 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49869
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50042 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50100
Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49861 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50088 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50119
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49947 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50113
Source: unknownNetwork traffic detected: HTTP traffic on port 50099 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50100 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50120
Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50054 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50121
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50124
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50123
Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50099
Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50052 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49977 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49925 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49927
Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50029 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
Source: unknownNetwork traffic detected: HTTP traffic on port 50086 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50124 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49854 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49883 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49948 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49959 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50030 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49905
Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49993 -> 443
Source: classification engineClassification label: mal60.phis.win@21/135@66/23
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1936,i,17990906817109875502,10326347469112585898,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxg"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1936,i,17990906817109875502,10326347469112585898,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\DictionariesJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions		1
Process Injection		3
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxg0%Avira URL Cloudsafe

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://interactjs.io/docs/inertia0%Avira URL Cloudsafe
http://interactjs.io/docs/#resize-square0%Avira URL Cloudsafe
https://wabi-australia-east-b-primary-api.analysis.windows.net/public/reports/conceptualschema0%Avira URL Cloudsafe
https://yourmactech.com.au/wp-content/uploads/2019/04/office_365.png.webp0%Avira URL Cloudsafe
http://interactjs.io/docs/restriction0%Avira URL Cloudsafe
http://interactjs.io/docs/#autoscroll0%Avira URL Cloudsafe
https://5023386162-1317754460.cos.ap-singapore.myqcloud.com/bootstrap.min.js0%Avira URL Cloudsafe
https://invoicepayout.storagedocumentapp.com/gQete/1.png100%Avira URL Cloudmalware
http://wiki.jqueryui.com/Globalize0%Avira URL Cloudsafe
https://5023386162.hostingfederal.com/next.php100%Avira URL Cloudmalware
https://invoicepayout.storagedocumentapp.com/favicon.ico0%Avira URL Cloudsafe
http://interactjs.io/docs/snapping0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
stackpath.bootstrapcdn.com
104.18.11.207
truefalse
    		high
    sgp.file.myqcloud.com
    		43.152.64.207
    		truefalse
      		high
      a.nel.cloudflare.com
      		35.190.80.1
      		truefalse
        		high
        gig-ai-g-prod-westeurope-1-app-v4-tag.westeurope.cloudapp.azure.com
        		20.50.88.244
        		truefalse
          		high
          waws-prod-zrh-eefa1ef4.sip.p.azurewebsites.windows.net
          		51.107.48.124
          		truefalse
            		unknown
            waws-prod-am2-a8c336ff.sip.p.azurewebsites.windows.net
            		40.74.24.71
            		truefalse
              		high
              s-part-0017.t-0009.t-msedge.net
              		13.107.246.45
              		truefalse
                		high
                s-part-0017.t-0009.fb-t-msedge.net
                		13.107.253.45
                		truefalse
                  		high
                  maxcdn.bootstrapcdn.com
                  		104.18.11.207
                  		truefalse
                    		high
                    gig-ai-g-prod-westeurope-7-app-v4-tag.westeurope.cloudapp.azure.com
                    		20.50.88.235
                    		truefalse
                      		high
                      waws-prod-fra-7692ab21.sip.p.azurewebsites.windows.net
                      		51.116.144.68
                      		truefalse
                        		high
                        d2t07dpvw9bt1v.cloudfront.net
                        		18.66.147.74
                        		truefalse
                          		high
                          apiefd1566bbeb64dadb28d8de1fcf189b1g63ozumxxsl6e0y1bdqyw.australiaeast.cloudapp.azure.com
                          		20.227.35.58
                          		truefalse
                            		unknown
                            code.jquery.com
                            		151.101.130.137
                            		truefalse
                              		high
                              cdnjs.cloudflare.com
                              		104.17.25.14
                              		truefalse
                                		high
                                invoicepayout.storagedocumentapp.com
                                		188.114.97.3
                                		truetrue
                                  		unknown
                                  challenges.cloudflare.com
                                  		104.18.95.41
                                  		truefalse
                                    		high
                                    yourmactech.com.au
                                    		104.21.16.1
                                    		truefalse
                                      		high
                                      5023386162.hostingfederal.com
                                      		69.49.246.64
                                      		truefalse
                                        		high
                                        www.google.com
                                        		172.217.16.196
                                        		truefalse
                                          		high
                                          us-west-2.protection.sophos.com
                                          		unknown
                                          		unknownfalse
                                            		high
                                            wabi-australia-east-b-primary-api.analysis.windows.net
                                            		unknown
                                            		unknownfalse
                                              		high
                                              appsource.powerbi.com
                                              		unknown
                                              		unknownfalse
                                                		high
                                                app.powerbi.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  5023386162-1317754460.cos.ap-singapore.myqcloud.com
                                                  		unknown
                                                  		unknownfalse
                                                    		high
                                                    content.powerapps.com
                                                    		unknown
                                                    		unknownfalse
                                                      		high
                                                      dc.services.visualstudio.com
                                                      		unknown
                                                      		unknownfalse
                                                        		high
                                                        pbivisuals.powerbi.com
                                                        		unknown
                                                        		unknownfalse
                                                          		high

                                                          Contacted URLs

                                                          NameMaliciousAntivirus DetectionReputation
                                                          https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.PowerBIResources.min.144d910635bc1ba1a468.jsfalse
                                                            		high
                                                            https://content.powerapps.com/resource/powerbiwfe/images/share-facebook.540e7e87b568d0d2ad97.svgfalse
                                                              		high
                                                              https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.fluent-no-header-teal.json.min.4a5ae9ddb3ba87e29f0d.jsfalse
                                                                		high
                                                                https://wabi-australia-east-b-primary-api.analysis.windows.net/public/reports/conceptualschemafalse
                                                                • Avira URL Cloud: safe
                                                                		unknown
                                                                https://code.jquery.com/jquery-3.2.1.slim.min.jsfalse
                                                                  		high
                                                                  https://content.powerapps.com/resource/powerbiwfe/images/share-linkedIn.5b7b4c094669d1400606.svgfalse
                                                                    		high
                                                                    https://a.nel.cloudflare.com/report/v4?s=cYdWep1DwFa8LUZO1ZAPWWtBjPqdl1a66H4uoo9VQ%2BF%2BR5c%2FhjEAmCDQN2q9RMNYzvhjwohLPvQipkNnajrED4MtQgDudL9J2ktRZW6Eyg4Dr2NpKmoOFGFXFF6H%2FKAKMVuQ1ErRSCBfVmdJLMcybWprK64Tnh0%3Dfalse
                                                                      		high
                                                                      https://invoicepayout.storagedocumentapp.com/gQete/1.pngtrue
                                                                      • Avira URL Cloud: malware
                                                                      		unknown
                                                                      https://a.nel.cloudflare.com/report/v4?s=aotg7Bo1fmcOiDE1bOUwdJMDeeHib1R3L%2FOuvFz4lA2V786Hl2WbFZNtgu1EN%2FTu7yFsphpa8Rz76xw184yx8Z4tcV8JAm1T430T5xdCtcbAWI4%2FWjNcYFkusVcQGZOIHxSnxwXutMPSlOcdfeUigh5vpFvywHM%3Dfalse
                                                                        		high
                                                                        https://content.powerapps.com/resource/powerbiwfe/scripts/jquery-ui.min.54471b21b524931a54a1.jsfalse
                                                                          		high
                                                                          https://content.powerapps.com/resource/powerbiwfe/scripts/jquery.globalize/globalize.culture.en-US.07ca294f77f622a072a5.jsfalse
                                                                            		high
                                                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/d/90fe1dfd985e43a7/1739211669820/1gkX_WCQToHOwZ7false
                                                                              		high
                                                                              https://dc.services.visualstudio.com/v2/trackfalse
                                                                                		high
                                                                                https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.json-contracts.min.2031364fe1a9b0277b56.jsfalse
                                                                                  		high
                                                                                  https://pbivisuals.powerbi.com/approvedResources.jsonfalse
                                                                                    		high
                                                                                    https://content.powerapps.com/resource/powerbiwfe/images/fluentui-icons.5e6faf126288a813b771.svgfalse
                                                                                      		high
                                                                                      https://content.powerapps.com/resource/powerbiwfe/externals/jquery-ui.min.60b2fc2bc042fc6831db.cssfalse
                                                                                        		high
                                                                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/90fe1dfd985e43a7/1739211669817/d30dee3dd699497bfeba2fe677734f450ce4054bbe6cf15ee209b0d5dcf4b16e/xgBFn4bd8AapTR9false
                                                                                          		high
                                                                                          https://content.powerapps.com/resource/powerbiwfe/images/spinner-PBI-logo.6434e0fca135a582c323.svgfalse
                                                                                            		high
                                                                                            https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxgfalse
                                                                                              		high
                                                                                              https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.min.967e1375fba5f1ce4cc0.jsfalse
                                                                                                		high
                                                                                                https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=90fe1dfd985e43a7&lang=autofalse
                                                                                                  		high
                                                                                                  https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.vendors.min.00cb94b45fbce65236d9.jsfalse
                                                                                                    		high
                                                                                                    https://app.powerbi.com/images/PowerBI_Favicon.icofalse
                                                                                                      		high
                                                                                                      https://content.powerapps.com/resource/powerbiwfe/fonts/PowrMDL3.fa7dc9744c4804830659.wofffalse
                                                                                                        		high
                                                                                                        https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/fc74p/0x4AAAAAAA56VtoCeX5uEo1y/auto/fbE/new/normal/auto/false
                                                                                                          		high
                                                                                                          https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.jsfalse
                                                                                                            		high
                                                                                                            https://yourmactech.com.au/wp-content/uploads/2019/04/office_365.png.webpfalse
                                                                                                            • Avira URL Cloud: safe
                                                                                                            		unknown
                                                                                                            https://appsource.powerbi.com/visuals.jsonfalse
                                                                                                              		high
                                                                                                              https://content.powerapps.com/resource/powerbiwfe/images/share-twitter.c94072a684b92b928aae.svgfalse
                                                                                                                		high
                                                                                                                https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.CopyVisualImage.min.ee1fa7f10a31e96e5160.jsfalse
                                                                                                                  		high
                                                                                                                  https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1438183020:1739207724:Gg68OASIBhSFYFo0cWS-KMFtXk_B7wzY70SK0-ioMVU/90fe1dfd985e43a7/zGIdJDA4X.2LFz1H_nYmWzEIcQ_OLrjxs3xsUpHhrn8-1739211668-1.1.1.1-tN1FAC4yHkbAQx4jduWl56XtCq5fMoF_l67ICRd2o.GGmzl0iJgfPuhbA3xUCeL8false
                                                                                                                    		high
                                                                                                                    https://content.powerapps.com/resource/powerbiwfe/externals/powerbi-models.min.a76413e31e0393bc1470.jsfalse
                                                                                                                      		high
                                                                                                                      https://challenges.cloudflare.com/turnstile/v0/g/8a57887573f2/api.jsfalse
                                                                                                                        		high
                                                                                                                        https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.visual-container-skittles.min.d7111ddc37296613aa57.jsfalse
                                                                                                                          		high
                                                                                                                          https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.insightsui.min.f20d10532524f77c6246.jsfalse
                                                                                                                            		high
                                                                                                                            https://5023386162-1317754460.cos.ap-singapore.myqcloud.com/bootstrap.min.jsfalse
                                                                                                                            • Avira URL Cloud: safe
                                                                                                                            		unknown
                                                                                                                            https://content.powerapps.com/resource/powerbiwfe/externals/jquery-ui.min.02de7165092644634e71.jsfalse
                                                                                                                              		high
                                                                                                                              https://invoicepayout.storagedocumentapp.com/gQete/true
                                                                                                                                		unknown
                                                                                                                                https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.TextboxVisual.min.c4c1e01b8cee66eb9d12.jsfalse
                                                                                                                                  		high
                                                                                                                                  https://app.powerbi.com/13.0.25216.48/scripts/hash-manifest.jsfalse
                                                                                                                                    		high
                                                                                                                                    https://challenges.cloudflare.com/turnstile/v0/api.jsfalse
                                                                                                                                      		high
                                                                                                                                      https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.reportEmbed.visuals.min.8e509e7a3e42b4fe7489.jsfalse
                                                                                                                                        		high
                                                                                                                                        https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.jsfalse
                                                                                                                                          		high
                                                                                                                                          https://app.powerbi.com/13.0.25216.48/sharedresources/BaseThemes/CY24SU10.jsonfalse
                                                                                                                                            		high
                                                                                                                                            https://content.powerapps.com/resource/powerbiwfe/scripts/reportembed.externals.bundle.min.40263725b44d9c8afdc6.jsfalse
                                                                                                                                              		high
                                                                                                                                              https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.cssfalse
                                                                                                                                                		high
                                                                                                                                                https://app.powerbi.com/view?r=eyJrIjoiYjA5NTdkOTItOTU5ZC00MTIwLTk4ZjUtNGU5OGViNWU5MDM5IiwidCI6IjE1MWMxNjZlLWM3ZWEtNGI1ZC1hMjQ3LTNkMTAyNTEzY2IwMyJ9false
                                                                                                                                                  		high
                                                                                                                                                  https://content.powerapps.com/resource/powerbiwfe/styles/reportembed.bundle.min.5d1cb0e7c3a68f0eec05.cssfalse
                                                                                                                                                    		high
                                                                                                                                                    https://content.powerapps.com/resource/powerbiwfe/scripts/stylelibrary.min.af1ebe07c94da052e9c0.jsfalse
                                                                                                                                                      		high
                                                                                                                                                      https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.jsfalse
                                                                                                                                                        		high
                                                                                                                                                        https://5023386162.hostingfederal.com/next.phpfalse
                                                                                                                                                        • Avira URL Cloud: malware
                                                                                                                                                        		unknown
                                                                                                                                                        https://content.powerapps.com/resource/powerbiwfe/scripts/jquery.globalize/globalize.min.8e8ec43af69cf3d5d7aa.jsfalse
                                                                                                                                                          		high
                                                                                                                                                          https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1false
                                                                                                                                                            		high
                                                                                                                                                            https://invoicepayout.storagedocumentapp.com/favicon.icofalse
                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://content.powerapps.com/resource/powerbiwfe/scripts/reportEmbed.app-insights.min.684cff08c0aabc39fc67.jsfalse
                                                                                                                                                              		high

                                                                                                                                                              URLs from Memory and Binaries

                                                                                                                                                              NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                              https://github.com/jquery/PEPchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://npms.io/search?q=ponyfill.chromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://jquery.org/licensechromecache_208.1.dr, chromecache_194.1.dr, chromecache_151.1.dr, chromecache_159.1.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://dev.azure.com/powerbi/PowerBIClients/_git/PowerBIClients/pullrequest/131629)chromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      http://jqueryui.comchromecache_165.1.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://github.com/requirejs/requirejs/blob/master/LICENSEchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://wiki.jqueryui.com/Globalizechromecache_196.1.dr, chromecache_202.1.drfalse
                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                          		unknown
                                                                                                                                                                          http://interactjs.io/docs/#resize-squarechromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                          		unknown
                                                                                                                                                                          https://github.com/twbs/bootstrap/graphs/contributors)chromecache_214.1.dr, chromecache_189.1.dr, chromecache_203.1.dr, chromecache_169.1.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://opensource.org/licenses/MIT).chromecache_204.1.dr, chromecache_183.1.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://jscompress.com/chromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://openjsf.org/chromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  http://interactjs.io/docs/inertiachromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  http://github.com/jquery/globalizechromecache_194.1.dr, chromecache_159.1.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://lodash.com/chromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      http://interactjs.io/docs/#autoscrollchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      http://interactjs.io/docs/restrictionchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      http://jqueryui.com/themeroller/?scope=&folderName=base&cornerRadiusShadow=8px&offsetLeftShadow=0px&chromecache_165.1.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://getbootstrap.com/)chromecache_203.1.dr, chromecache_169.1.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://raw.github.com/taye/interact.js/master/LICENSEchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://underscorejs.org/LICENSEchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://getbootstrap.com)chromecache_214.1.dr, chromecache_188.1.dr, chromecache_189.1.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://github.com/gromo/jquery.scrollbar/chromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://github.com/twbs/bootstrap/blob/master/LICENSE)chromecache_214.1.dr, chromecache_188.1.dr, chromecache_189.1.dr, chromecache_203.1.dr, chromecache_169.1.drfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://lodash.com/licensechromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      http://interactjs.io/docs/snappingchromecache_208.1.dr, chromecache_151.1.drfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown

                                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                                      Public IPs

                                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                      20.50.88.244
                                                                                                                                                                                                      		gig-ai-g-prod-westeurope-1-app-v4-tag.westeurope.cloudapp.azure.comUnited States
                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      13.107.246.45
                                                                                                                                                                                                      		s-part-0017.t-0009.t-msedge.netUnited States
                                                                                                                                                                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      43.152.64.193
                                                                                                                                                                                                      		unknownJapan4249LILLY-ASUSfalse
                                                                                                                                                                                                      151.101.130.137
                                                                                                                                                                                                      		code.jquery.comUnited States
                                                                                                                                                                                                      		54113FASTLYUSfalse
                                                                                                                                                                                                      69.49.246.64
                                                                                                                                                                                                      		5023386162.hostingfederal.comUnited States
                                                                                                                                                                                                      		46606UNIFIEDLAYER-AS-1USfalse
                                                                                                                                                                                                      51.107.48.124
                                                                                                                                                                                                      		waws-prod-zrh-eefa1ef4.sip.p.azurewebsites.windows.netUnited Kingdom
                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      51.116.144.68
                                                                                                                                                                                                      		waws-prod-fra-7692ab21.sip.p.azurewebsites.windows.netUnited Kingdom
                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      35.190.80.1
                                                                                                                                                                                                      		a.nel.cloudflare.comUnited States
                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                      104.21.16.1
                                                                                                                                                                                                      		yourmactech.com.auUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                      18.66.147.74
                                                                                                                                                                                                      		d2t07dpvw9bt1v.cloudfront.netUnited States
                                                                                                                                                                                                      		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                      40.74.24.71
                                                                                                                                                                                                      		waws-prod-am2-a8c336ff.sip.p.azurewebsites.windows.netUnited States
                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      13.107.253.45
                                                                                                                                                                                                      		s-part-0017.t-0009.fb-t-msedge.netUnited States
                                                                                                                                                                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      20.50.88.235
                                                                                                                                                                                                      		gig-ai-g-prod-westeurope-7-app-v4-tag.westeurope.cloudapp.azure.comUnited States
                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      104.18.95.41
                                                                                                                                                                                                      		challenges.cloudflare.comUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                      104.18.11.207
                                                                                                                                                                                                      		stackpath.bootstrapcdn.comUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                      151.101.2.137
                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                      		54113FASTLYUSfalse
                                                                                                                                                                                                      20.227.35.58
                                                                                                                                                                                                      		apiefd1566bbeb64dadb28d8de1fcf189b1g63ozumxxsl6e0y1bdqyw.australiaeast.cloudapp.azure.comUnited States
                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                      239.255.255.250
                                                                                                                                                                                                      		unknownReserved
                                                                                                                                                                                                      		unknownunknownfalse
                                                                                                                                                                                                      188.114.97.3
                                                                                                                                                                                                      		invoicepayout.storagedocumentapp.comEuropean Union
                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                      172.217.16.196
                                                                                                                                                                                                      		www.google.comUnited States
                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                      43.152.64.207
                                                                                                                                                                                                      		sgp.file.myqcloud.comJapan4249LILLY-ASUSfalse
                                                                                                                                                                                                      104.17.25.14
                                                                                                                                                                                                      		cdnjs.cloudflare.comUnited States
                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse

                                                                                                                                                                                                      Private

                                                                                                                                                                                                      IP
                                                                                                                                                                                                      192.168.2.16

                                                                                                                                                                                                      General Information

                                                                                                                                                                                                      Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                      Analysis ID:1611314
                                                                                                                                                                                                      Start date and time:2025-02-10 19:20:09 +01:00
                                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                                      Overall analysis duration:0h 4m 4s
                                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                                      Report type:full
                                                                                                                                                                                                      Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                                                                                                      Sample URL:https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxg
                                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                      Number of analysed new started processes analysed:13
                                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                                                      Technologies:
                                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                                      Analysis stop reason:Timeout
                                                                                                                                                                                                      Detection:MAL
                                                                                                                                                                                                      Classification:mal60.phis.win@21/135@66/23
                                                                                                                                                                                                      EGA Information:Failed
                                                                                                                                                                                                      HCA Information:
                                                                                                                                                                                                      • Successful, ratio: 100%
                                                                                                                                                                                                      • Number of executed functions: 0
                                                                                                                                                                                                      • Number of non-executed functions: 0

                                                                                                                                                                                                      Warnings

                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 216.58.206.35, 172.217.18.110, 142.251.168.84, 142.250.186.110, 142.250.185.238, 199.232.210.172, 142.250.186.142, 142.250.185.110, 142.250.186.46, 142.250.186.74, 142.250.184.202, 142.250.185.170, 142.250.186.138, 142.250.186.42, 142.250.186.106, 142.250.181.234, 142.250.185.138, 172.217.18.106, 172.217.16.202, 142.250.185.106, 142.250.184.234, 216.58.212.138, 142.250.186.170, 172.217.18.10, 216.58.206.74, 142.250.186.99, 142.250.185.163, 142.250.185.206, 142.250.184.238, 142.250.186.174, 184.28.90.27, 13.107.246.61, 4.175.87.197, 52.149.20.212
                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, slscr.update.microsoft.com, ajax.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, redirector.gvt1.com, update.googleapis.com, clients.l.google.com
                                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                      • VT rate limit hit for: https://us-west-2.protection.sophos.com/?d=powerbi.com&u=aHR0cHM6Ly9hcHAucG93ZXJiaS5jb20vdmlldz9yPWV5SnJJam9pWWpBNU5UZGtPVEl0T1RVNVpDMDBNVEl3TFRrNFpqVXROR1U1T0dWaU5XVTVNRE01SWl3aWRDSTZJakUxTVdNeE5qWmxMV00zWldFdE5HSTFaQzFoTWpRM0xUTmtNVEF5TlRFelkySXdNeUo5&i=NjAzNTFlYmUxMmQ2N2MzMjNhNzYzZDg0&t=cXRBVTE0Z3RLSGRTdEd4cm1WNzFhUm4wLzUzdXZKYklHYmduYnhYNlpsVT0=&h=5e715a0526a946bcaa614abc851141f0&s=AVNPUEhUT0NFTkNSWVBUSVYXtWfTC_gnxLfx0tqsdWatsuMxIHchoBDvy0tVrFrMxg

                                                                                                                                                                                                      Simulations

                                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                                      No simulations