Edit tour

Windows Analysis Report
f1215887448.exe

Overview

General Information

Sample name:	f1215887448.exe
Analysis ID:	1634961
MD5:	35294288ad4cd9e17773103f84d7a186
SHA1:	db47329f1e4e203f90a25e0020e2d9028b4f79c4
SHA256:	b04768efe09a940c12c4ad29b5296febace8aa3d494778f8277d1378b028821b
Infos:

Detection

Score:	48
Range:	0 - 100
Confidence:	100%

Signatures

Found strings related to Crypto-Mining

Maps a DLL or memory area into another process

Checks if the current process is being debugged

Connects to many different domains

Creates a process in suspended mode (likely to inject code)

Detected TCP or UDP traffic on non-standard ports

Detected non-DNS traffic on DNS port

IP address seen in connection with other malware

May sleep (evasive loops) to hinder dynamic analysis

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

PE file contains an invalid checksum

PE file does not import any functions

Queries keyboard layouts

Queries the volume information (name, serial number etc) of a device

Uses 32bit PE files

Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

System is w11x64_office

msedge.exe (PID: 4332 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" MD5: 438D99FEE85BB97BDE75E5F1C9EDCACA)

msedge.exe (PID: 1744 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:3 MD5: 438D99FEE85BB97BDE75E5F1C9EDCACA)

identity_helper.exe (PID: 5076 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8 MD5: 799B8192198E431938AD498DA9EFE217)

conhost.exe (PID: 5780 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 9698384842DA735D80D278A427A229AB)

identity_helper.exe (PID: 2000 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8 MD5: 799B8192198E431938AD498DA9EFE217)

msedge.exe (PID: 6100 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=4252 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8 MD5: 438D99FEE85BB97BDE75E5F1C9EDCACA)

chrome.exe (PID: 2848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" MD5: 290DF23002E9B52249B5549F0C668A86)

chrome.exe (PID: 4600 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=1780,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=2028 /prefetch:11 MD5: 290DF23002E9B52249B5549F0C668A86)

chrome.exe (PID: 7752 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --string-annotations=is-enterprise-managed=no --field-trial-handle=6396,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=6388 /prefetch:12 MD5: 290DF23002E9B52249B5549F0C668A86)

chrome.exe (PID: 1760 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=6504,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=6368 /prefetch:14 MD5: 290DF23002E9B52249B5549F0C668A86)

WebViewHost.exe (PID: 7692 cmdline: "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe" MD5: 737C3D5A23C7B81B3969762D79E817BD)

msedgewebview2.exe (PID: 2280 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared --mojo-named-platform-channel-pipe=7692.5272.14083559807100969314 MD5: 7333249A2DA2F769900496F812DFBD57)

msedgewebview2.exe (PID: 6576 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=100.0.4896.75 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=100.0.1185.36 --initial-client-data=0x138,0x13c,0x140,0x114,0x148,0x7ff9b4ffd840,0x7ff9b4ffd850,0x7ff9b4ffd860 MD5: 7333249A2DA2F769900496F812DFBD57)

msedgewebview2.exe (PID: 1444 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1884 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:2 MD5: 7333249A2DA2F769900496F812DFBD57)

msedgewebview2.exe (PID: 7452 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2068 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:3 MD5: 7333249A2DA2F769900496F812DFBD57)

msedgewebview2.exe (PID: 1184 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:8 MD5: 7333249A2DA2F769900496F812DFBD57)

msedgewebview2.exe (PID: 6444 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=7486409138 --mojo-platform-channel-handle=3392 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:1 MD5: 7333249A2DA2F769900496F812DFBD57)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Source: msedgewebview2.exe, 0000001A.00000002.4325329274.00005B5800284000.00000004.00000800.00020000.00000000.sdmp

Binary or memory string: -----BEGIN PUBLIC KEY-----

memstr_4eca15ff-5

Bitcoin Miner

Found strings related to Crypto-Mining

Source: msedgewebview2.exe, 0000001A.00000002.4395689106.00005B5800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: jsecoin.com/
Source: msedgewebview2.exe, 0000001A.00000002.4395689106.00005B5800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: coinhive.com/

Source: f1215887448.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: unknown

HTTPS traffic detected: 104.16.99.29:443 -> 192.168.2.24:56495 version: TLS 1.2

Source: f1215887448.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:

Binary string: ".APPLICATION",".APPREF-MS",".APPX",".APPXBUNDLE",".APS",".ARC",".ARI",".ARJ",".ART",".ARW",".ASA",".ASAX",".ASC",".ASCX",".ASF",".ASHX",".ASM",".ASMX",".ASP",".ASPX",".ASX",".AU",".AVCI",".AVCS",".AVI",".AW",".BAS",".BAT",".BAY",".BCP",".BIN",".BKF",".BLG",".BMP",".BSC",".C",".CAMP",".CAP",".CAT",".CC",".CCPROJ",".CD",".CDA",".CDMP",".CDX",".CDXML",".CER",".CGM",".CHK",".CHM",".CLS",".CMD",".COD",".COFFEE",".COM",".COMPOSITEFONT",".CONFIG",".CONTACT",".COVERAGE",".CPL",".CPP",".CR2",".CRL",".CRT",".CRTX",".CRW",".CS",".CSA",".CSH",".CSHADER",".CSHTML",".CSPROJ",".CSS",".CSV",".CUR",".CXX",".DAT",".DATASOURCE",".DB",".DBG",".DBS",".DCR",".DCS",".DCT",".DCTX",".DCTXC",".DDS",".DEF",".DEPLOYPROJ",".DEPS",".DER",".DESKLINE",".DESKTHEMEPACK",".DET",".DEVICEMANIFEST-MS",".DEVICEMETADATA-MS",".DGML",".DIAGCAB",".DIAGCFG",".DIAGPKG",".DIAGSESSION",".DIB",".DIC",".DIFF",".DISCO",".DIVX",".DIZ",".DLL",".DL_",".DMP",".DNG",".DOC",".DOCHTML",".DOCM",".DOCMHTML",".DOCX",".DOCXML",".DOS",".DOT",".DOTHTML",".DOTM",".DOTX",".DQY",".DRF",".DRV",".DSGL",".DSH",".DSHADER",".DSN",".DSP",".DSW",".DTCP-IP",".DTD",".DVR-MS",".DWFX",".EASMX",".EC3",".EDMX",".EDRWX",".EIP",".ELM",".EMF",".EML",".EPRTX",".EPS",".EPUB",".ERF",".ETL",".ETP",".EVT",".EVTX",".EXC",".EXP",".EXT",".EX_",".EYB",".FAQ",".FBX",".FDM",".FFF",".FH",".FIF",".FILTERS",".FKY",".FLAC",".FND",".FNT",".FON",".FX",".GCSX",".GENERICTEST",".GHI",".GIF",".GLB",".GLOX",".GLTF",".GMMP",".GQSX",".GRA",".GROUP",".GRP",".GSH",".GSHADER",".GZ",".H",".HD3D",".HDMP",".HDP",".HEIC",".HEICS",".HEIF",".HEIFS",".HH",".HHC",".HLP",".HLSL",".HLSLI",".HOL",".HPP",".HPX",".HSH",".HSHADER",".HTA",".HTC",".HTM",".HTML",".HTT",".HTW",".HTX",".HXA",".HXC",".HXD",".HXE",".HXF",".HXH",".HXI",".HXK",".HXQ",".HXR",".HXS",".HXT",".HXV",".HXW",".HXX",".I",".IBQ",".ICC",".ICL",".ICM",".ICO",".ICS",".IDB",".IDL",".IDQ",".IIQ",".ILK",".IMC",".IMESX",".INC",".INF",".INI",".INL",".INV",".INX",".IN_",".IPP",".IQY",".ITRACE",".IVF",".JAR",".JAVA",".JBF",".JFIF",".JFR",".JOB",".JOD",".JPE",".JPEG",".JPG",".JPS",".JS",".JSE",".JSON",".JSONID",".JSPROJ",".JSX",".JTX",".JXR",".K25",".KCI",".KDC",".KDMP",".LABEL",".LACCDB",".LATEX",".LDB",".LESS",".LEX",".LGN",".LIB",".LIC",".LNK",".LOCAL",".LOG",".LPCM",".LST",".LZH",".M14",".M1V",".M2T",".M2TS",".M2V",".M3U",".M4A",".M4B",".M4P",".M4R",".M4V",".MAD",".MAF",".MAG",".MAK",".MAM",".MAN",".MANIFEST",".MAP",".MAPIMAIL",".MAQ",".MAR",".MARKDOWN",".MAS",".MASTER",".MAT",".MAU",".MAV",".MAW",".MD",".MDA",".MDB",".MDBHTML",".MDC",".MDE",".MDMP",".MDN",".MDP",".MDT",".MDTXT",".MDW",".MEF",".MFCRIBBON-MS",".MHT",".MHTML",".MID",".MIDI",".MK",".MK3D",".MKA",".MKV",".MLC",".MLPD",".MMF",".MOD",".MOS",".MOV",".MOVIE",".MP2",".MP2V",".MP3",".MP4",".MP4V",".MPA",".MPE",".MPEG",".MPG",".MPO",".MPV2",".MRW",".MS-LOCKSCREENCOMPONENT-PRIMARY",".MS-WINDOWS-STORE-LICENSE",".MSC",".MSEPUB",".MSG",".MSI",".MSIX",".MSIXBUNDLE",".MSP",".MSRCINCIDENT",".MSU",".MTS",".MTX",".MV",".MYDOCS",".NATVIS",".NCB",".NEF",".NFO","

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\6e563428-bbec-469e-9b24-d1f4aac243c8.tmp
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\Preferences

Source: unknown

Network traffic detected: DNS query count 60

Source: global traffic

TCP traffic: 192.168.2.24:59794 -> 35.157.212.223:3478

Source: global traffic	TCP traffic: 192.168.2.24:58695 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.24:57139 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.24:51594 -> 1.1.1.1:53

Source: Joe Sandbox View	IP Address: 18.66.147.9 18.66.147.9
Source: Joe Sandbox View	IP Address: 2.19.105.89 2.19.105.89
Source: Joe Sandbox View	IP Address: 172.64.146.215 172.64.146.215

Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 23.209.72.30
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.139.11

Source: global traffic	HTTP traffic detected: GET /edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531 HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Service-Worker-Navigation-Preload: trueSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pglt-edgeChromium-ntp=2083; sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8
Source: global traffic	HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.1e1de479ffc2b85d14c8.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://ntp.msn.comsec-ch-ua-arch: "x86"sec-ch-viewport-width: 1280sec-ch-ua-platform-version: "15.0.0"downlink: 1.6sec-ch-ua-full-version-list: " Not A;Brand";v="99.0.0.0", "Chromium";v="100.0.1185.36", "Microsoft Edge";v="100.0.1185.36"sec-ch-ua-model: sec-ch-ua-platform: "Windows"device-memory: 8sec-ch-ua-bitness: "64"rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-full-version: "100.0.1185.36"ect: 4gsec-ch-dpr: 1sec-ch-prefers-color-scheme: lightAccept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8; _C_ETH=1; _EDGE_S=SID=1D33D12908A46136382EC485091C607C
Source: global traffic	HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.948ffa5ea2d441a35f55.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-full-version-list: " Not A;Brand";v="99.0.0.0", "Chromium";v="100.0.1185.36", "Microsoft Edge";v="100.0.1185.36"sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1280sec-ch-ua-platform-version: "15.0.0"downlink: 1.6sec-ch-ua-bitness: "64"sec-ch-ua-model: sec-ch-ua-platform: "Windows"device-memory: 8rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-full-version: "100.0.1185.36"sec-ch-prefers-color-scheme: lightsec-ch-dpr: 1ect: 4gAccept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8; _C_ETH=1; _EDGE_S=SID=1D33D12908A46136382EC485091C607C
Source: global traffic	HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.5d0f28115e15fcff20c5.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.c1f2f2c818c03b7d76c6.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.a94db4fabb4deada2a92.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.2ada809b9ba8f24de24c.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=trueUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pglt-edgeChromium-ntp=2083; _C_Auth=; sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8; _C_ETH=1; _EDGE_S=SID=1D33D12908A46136382EC485091C607CIf-None-Match: 0x8DD16773E2AD59BIf-Modified-Since: Sat, 07 Dec 2024 04:25:55 GMT
Source: global traffic	HTTP traffic detected: GET /about/en-us/signin/ HTTP/1.1Host: onedrive.live.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://www.bing.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /login HTTP/1.1Host: onedrive.live.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.bing.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: E=P:xljAc29g3Yg=:GWyi185sZSpEVXvcUHJiT3royw4OT7eF52D26JQzqR8=:F; xid=862c390e-9dbc-4337-9ebf-ddd4ed6c2c9d&&ODSP-ODWEB-ODCF&107; xidseq=1
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/1.1Host: onedrive.live.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://onedrive.live.com/loginAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: E=P:xljAc29g3Yg=:GWyi185sZSpEVXvcUHJiT3royw4OT7eF52D26JQzqR8=:F; xid=862c390e-9dbc-4337-9ebf-ddd4ed6c2c9d&&ODSP-ODWEB-ODCF&107; xidseq=1
Source: global traffic	HTTP traffic detected: GET /_layouts/15/spwebworkerproxy.ashx HTTP/1.1Host: onedrive.live.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: E=P:xljAc29g3Yg=:GWyi185sZSpEVXvcUHJiT3royw4OT7eF52D26JQzqR8=:F; xid=862c390e-9dbc-4337-9ebf-ddd4ed6c2c9d&&ODSP-ODWEB-ODCF&107; xidseq=1
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyA2KlwBX3mkFo30om9LUFYQhpqLoa_BNhE HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEI/aXOAQjCwM4BCMbNzgEIodTOAQjs1c4BCPnYzgEI/dnOAQjE284BCILdzgEI8N7OARj0yc0BGO3azgEY7tzOAQ==Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEI/aXOAQjCwM4BCMbNzgEIodTOAQjs1c4BCPnYzgEI/dnOAQjE284BCILdzgEI8N7OARj0yc0BGO3azgEY7tzOAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2F HTTP/1.1Host: onedrive.live.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://onedrive.live.com/loginAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: E=P:xljAc29g3Yg=:GWyi185sZSpEVXvcUHJiT3royw4OT7eF52D26JQzqR8=:F; xid=862c390e-9dbc-4337-9ebf-ddd4ed6c2c9d&&ODSP-ODWEB-ODCF&107; xidseq=1; MicrosoftApplicationsTelemetryDeviceId=e1c2ff91-534f-4fb9-90e7-cb0a235d8657; ai_session=wvNHAQSkmqtAndIg11NyAq\|1741678599336\|1741678599341
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/accessibility-vfliGZNRm.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/tokens-vflYBwytc.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-fonts/index.metaserver-vfldxdwtS.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-fonts/sharp_grotesk_23.metaserver-vfl8AxKvg.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/font_sharp_grotesk-vfl54gg_5.scss HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/notify-vflPup1uz.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=d63f54eb-9dbf-4532-99fd-589cd1199605&redirect_uri=https%3a%2f%2fwww.bing.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22938610610CDA43C7BDE2F5F472712DF6%22%7d HTTP/1.1Host: login.microsoftonline.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.bing.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/js/login_en_u2MoM4ECsTeiFOUbb4dzxg2.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/warp/skip_to_main_content-vfl7Z6-j7.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/index.web-vflFu78ol.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon/?url=microsoft.com HTTP/1.1Host: services.bingapis.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.bing.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/font_paper_atlas_grotesk-vflDoDLsu.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/font_sharp_grotesk-vflU6KIR2.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/js/ungated-file-app/src/components/file-input/index.module.out-vflTQwisN.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/js/warp/components/common/warp_navattic_tour_plank/navattic.module.out-vflxR5Weo.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/chunks/oneds-analytics-js_077217740c853b5d4fe8.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/3_57fee22710b04cebe1d5.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/js/warp/components/dwg/dwg_marketo_form_plank/index.module.out-vfl-8BdRi.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/js/warp/components/dwg/dwg_pdf_conversion_plank/index.module.out-vflsd7bHw.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/js/warp/components/metaserver_exclusive/temp/dwg_banner_plank/index.module.out-vfln5O_zl.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/js/warp/context/warp_context.module.out-vflfpzy2P.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-anchor-target/anchor-target.module.out-vfl5062-n.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-cta-block/index.module.out-vflYWM5Av.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?session_id=d50dfab5e6664b0c91ba134fe2c45d07&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SI HTTP/1.1Host: fpt.live.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: E=P:xljAc29g3Yg=:GWyi185sZSpEVXvcUHJiT3royw4OT7eF52D26JQzqR8=:F; xid=862c390e-9dbc-4337-9ebf-ddd4ed6c2c9d&&ODSP-ODWEB-ODCF&107; xidseq=1
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-cta-select/index.module.out-vfl819U8-.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-label/index.module.out-vflida7Ix.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-pill/index.module.out-vfljNXwib.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-recommendation-pill/index.module.out-vflzJ69yd.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/components/dwg-strikethrough-text/index.module.out-vfliIjXK0.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/experimental/components/clickable-card/index.module.out-vflFnJgUs.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/typescript/component_libraries/dwg-components/src/experimental/components/horizontal-scroll/horizontal-scroll.module.out-vflW9se8T.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-aliveOrigin: https://www.dropbox.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pwa?version=18.2411.1163.0&capabilities=interopPromise HTTP/1.1Host: www.microsoft365.comConnection: keep-aliveaccept-language: en-CHUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; MSAppHost/3.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/components-vfl1mIOfg.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/legacy-token-migration-vfl1sMmEL.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/logos-vflYT4VEk.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/icons-vflB0MTYP.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/foundations-tokens-vfl4Y38be.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/foundations-components-vfl4xHixN.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/css/dig-components/content-icons-vflQ0X61G.css HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://cfl.dropboxstatic.com/static/metaserver/static/css/dig-components/index.web-vflSNNWF8.cssAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?hl=en&onload=recaptchaOnloadCallback&render=explicit HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/pithos/marketing_tracker_service.bundle-vfluGjITt.js HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/pithos/api_helper_validation.bundle-vfl4MKuP1.js HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/pithos/zoom_chat_client.bundle-vfl6FImrv.js HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: dropboxcaptcha.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/launch-9b21c433d0d6.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /funcaptcha.js HTTP/1.1Host: dropboxcaptcha.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://dropboxcaptcha.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC7fdefaecd6a040e58536515ef11a68d7-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B2AAF3C959275C660A495E7B%40AdobeOrg&d_nsid=0&ts=1741678666506 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"Content-Type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0Accept: /Origin: https://marketing.dropbox.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC71eebe3cede34629bafc28dfd7ad26c6-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/metaserver/static/images/favicon.ico HTTP/1.1Host: cfl.dropboxstatic.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: dropbox.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=31241948162516762640991150844981286300
Source: global traffic	HTTP traffic detected: GET /cm/dd?d_uuid=31241948162516762640991150844981286300 HTTP/1.1Host: cm.everesttech.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCd9182a18ab9b4e9a8c1151f1f8e07c4d-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?v=2&fmt=js&pid=4373&time=Tue%20Mar%2011%202025%2003:37:51%20GMT-0400%20(Eastern%20Daylight%20Time)&url=https://marketing.dropbox.com/login?referrer=https%3A%2F%2Fwww.dropbox.com%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z8-oUAAAAIisqQN- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=31241948162516762640991150844981286300
Source: global traffic	HTTP traffic detected: GET /Of9rnPCEVYaQ1lNG-IdCWTPDes_jWXhIJzu9Z5deWtKLrDfmQlW9CychHVNU0HcA1PY HTTP/1.1Host: lh3.googleusercontent.comConnection: keep-alivesec-ch-ua-full-version-list: "Google Chrome";v="131.0.6778.109", "Chromium";v="131.0.6778.109", "Not_A Brand";v="24.0.0.0"sec-ch-ua-platform: "Windows"sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "131.0.6778.109"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua-platform-version: "15.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEI/aXOAQjCwM4BCMbNzgEIodTOAQjs1c4BCPnYzgEI/dnOAQjE284BCILdzgEI8N7OARj0yc0BGO3azgEY7tzOAQ==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC388cd7fa3bf94c2a9f27ea5aa15bb460-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?v=2&fmt=js&pid=4373&time=Tue+Mar+11+2025+03%3A37%3A51+GMT-0400+%28Eastern+Daylight+Time%29&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%3A%2F%2Fwww.dropbox.com%2F&cookiesTest=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=343c6a7f-a431-42d4-b7ee-71416b3cc4a6; bcookie="v=2&7b8f411f-4ad2-4b22-87f8-1e7dc62b435e"; lidc="b=TGST08:s=T:r=T:a=T:p=T:g=2995:u=1:x=1:i=1741678675:t=1741765075:v=2:sig=AQH-7apxNxTEn2WGGnt717CPfFdIze1y"
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCb3cd30c56f304daabb0c417e0e4e776d-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/1000051215/?random=1741678677963&cv=11&fst=1741678677963&bg=ffffff&guid=ON&async=1&gtm=45be5362v872879920za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102813108~102814059&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&hn=www.googleadservices.com&frm=2&tiba=Dropbox&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dconversion%3Bpersonalization%3DGranted&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/1000051215?random=1741678677963&cv=11&fst=1741678677963&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5362v872879920za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102813108~102814059&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&hn=www.googleadservices.com&frm=2&tiba=Dropbox&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dconversion%3Bpersonalization%3DGranted HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.well-known/protected-auction/v1/public-keys HTTP/1.1Host: publickeyservice.pa.gcp.privacysandboxservices.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /munchkin.js HTTP/1.1Host: munchkin.marketo.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC3ba5eff6c74a4d82a041d302e9fae732-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/1000051215/?random=1741678677963&cv=11&fst=1741676400000&bg=ffffff&guid=ON&async=1&gtm=45be5362v872879920za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102813108~102814059&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&hn=www.googleadservices.com&frm=2&tiba=Dropbox&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dconversion%3Bpersonalization%3DGranted&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCjtLzMXvoqZfEKOCPCvf9g7swvigDVfjlZpQ&random=298628831&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /collect?v=2&fmt=js&pid=4373&time=Tue+Mar+11+2025+03%3A37%3A51+GMT-0400+%28Eastern+Daylight+Time%29&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%3A%2F%2Fwww.dropbox.com%2F&cookiesTest=true&liSync=true HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=343c6a7f-a431-42d4-b7ee-71416b3cc4a6; bcookie="v=2&7b8f411f-4ad2-4b22-87f8-1e7dc62b435e"; lidc="b=TGST08:s=T:r=T:a=T:p=T:g=2995:u=1:x=1:i=1741678675:t=1741765075:v=2:sig=AQH-7apxNxTEn2WGGnt717CPfFdIze1y"; UserMatchHistory=AQKrXKt-4QRpKQAAAZWEI4_88aSC26B_Is46jxuGwqAwUzKKVoIIvB9NP6KUAZapNFEhCLP1xu5npg; AnalyticsSyncHistory=AQJ4gxu4Lc6g6QAAAZWEI4_8ZFniZQKiRGTnHO4H-D_1HwMdggsHGcP9HTlcXh_mcvmt-_XX7b4SEI8QsGkV4g; __cf_bm=EXROMhhM69HBYlCGRSfYgawGDZidcQLUZ3Pi6Ww25tY-1741678682-1.0.1.1-zSsskvOBP02xTvTeQdj3j7CQERRu77MEkaY_kjb66QkHID0sJUB7N.2LX4aXcMKUEX_BgWEQt_shDNTgLy.OE2qB0uxOm8ucJxKv7_0qAZM
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC0776e2290157487c9ceb3207957049dd-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /164/munchkin.js HTTP/1.1Host: munchkin.marketo.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCe74f1f9a70fa42d8bd28c7e4c565b866-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Pixel/Retarget/2452 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC7bb6483a6eb144bdb83233b156810be2-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC13dc02c955f84732b33c5fc8e133a0c4-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/fls/rul/activityi;fledge=1;src=10906599;type=universe;cat=con-d000;ord=1;num=4044776659510;npa=0;auiddc=264623392.1741678675;ps=1;pcor=235152723;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=9;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /activity;register_conversion=1;src=10906599;type=universe;cat=con-d000;ord=1;num=4044776659510;npa=0;auiddc=264623392.1741678675;ps=1;pcor=235152723;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=10;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Attribution-Reporting-Eligible: trigger, event-source;navigation-sourceAttribution-Reporting-Support: web;osX-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /activityi;src=10906599;type=universe;cat=con-d000;ord=1;num=4044776659510;npa=0;auiddc=264623392.1741678675;ps=1;pcor=235152723;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=1;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: 10906599.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-full-version-list: "Google Chrome";v="131.0.6778.109", "Chromium";v="131.0.6778.109", "Not_A Brand";v="24.0.0.0"sec-ch-ua-platform: "Windows"sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-ua-mobile: ?0sec-ch-ua-form-factors: "Desktop"sec-ch-ua-wow64: ?0sec-ch-ua-arch: "x86"sec-ch-ua-full-version: "131.0.6778.109"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua-platform-version: "15.0.0"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEI/aXOAQjCwM4BCMbNzgEIodTOAQjs1c4BCPnYzgEI/dnOAQjE284BCILdzgEI8N7OARj0yc0BGO3azgEY7tzOAQ==Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://accounts.google.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=ItYSzukLY_0sV4QwXMNhsASxFdk_URnBbUjiBimgEb5vhZDFQ331KH7wOX-Russ3e78RjRCvbbugr2x8Ct50l5hv3lhzKf4ieBJAwQqjgery9LbHgadBWaW74VAMEIgbUgZ8xRu5mxfbAKNo51ChF_KRZn7EyC_E-dElS1G4tZ80L2mq_7gfTD7iPldLPw7h
Source: global traffic	HTTP traffic detected: GET /activity;register_conversion=1;src=10906599;type=busin001;cat=dbxun0;ord=3325311041154;npa=0;auiddc=264623392.1741678675;ps=1;pcor=749412630;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=10;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: ad.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Attribution-Reporting-Eligible: event-source, trigger;navigation-sourceAttribution-Reporting-Support: web;osX-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /td/fls/rul/activityi;fledge=1;src=10906599;type=busin001;cat=dbxun0;ord=3325311041154;npa=0;auiddc=264623392.1741678675;ps=1;pcor=749412630;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=9;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCe690552bddfc46dca5fe49d183e8b40d-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;src=10906599;type=busin001;cat=dbxun0;ord=3325311041154;npa=0;auiddc=264623392.1741678675;ps=1;pcor=749412630;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=1;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: 10906599.fls.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /signals/config/329181751193634?v=2.9.186&r=stable&domain=www.dropbox.com&hme=a72824d1c4e9fa19885a7ddba1edefb2829b45a4452ba98f5c6581985a4ea493&ex_m=71%2C123%2C108%2C112%2C62%2C4%2C101%2C70%2C16%2C98%2C90%2C51%2C55%2C175%2C178%2C190%2C186%2C187%2C189%2C29%2C102%2C53%2C78%2C188%2C170%2C173%2C183%2C184%2C191%2C133%2C41%2C196%2C193%2C194%2C34%2C146%2C15%2C50%2C200%2C199%2C135%2C18%2C40%2C1%2C43%2C66%2C67%2C68%2C72%2C94%2C17%2C14%2C97%2C93%2C92%2C109%2C52%2C111%2C39%2C110%2C30%2C95%2C26%2C171%2C174%2C143%2C87%2C57%2C85%2C33%2C74%2C0%2C96%2C32%2C28%2C83%2C84%2C89%2C47%2C46%2C88%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C58%2C63%2C65%2C76%2C54%2C103%2C27%2C77%2C9%2C8%2C81%2C48%2C21%2C105%2C104%2C106%2C99%2C10%2C20%2C3%2C38%2C75%2C19%2C5%2C91%2C82%2C44%2C35%2C86%2C2%2C36%2C64%2C42%2C107%2C45%2C80%2C69%2C113%2C61%2C60%2C31%2C100%2C59%2C56%2C49%2C79%2C73%2C24%2C114 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=CNWAjN_CgYwDFbWFgwcdbfcMCA;src=10906599;type=universe;cat=con-d000;ord=1;num=4044776659510;npa=0;auiddc=264623392.1741678675;ps=1;pcor=235152723;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=1;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: 10906599.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1; IDE=AHWqTUlkiXSLjgJ68LILJuJNYNO-ibL-vPQMUB4vbbHK9jYLDjtz22SZnRYpcDmS
Source: global traffic	HTTP traffic detected: GET /edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&prerender=1 HTTP/1.1Host: ntp.msn.comConnection: keep-alivedevice-memory: 8sec-ch-dpr: 1sec-ch-viewport-width: 1280rtt: 200downlink: 3.1ect: 4gsec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "100.0.1185.36"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "15.0.0"sec-ch-ua-model: ""sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: " Not A;Brand";v="99.0.0.0", "Chromium";v="100.0.1185.36", "Microsoft Edge";v="100.0.1185.36"sec-ch-prefers-color-scheme: lightUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Service-Worker-Navigation-Preload: trueSec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pglt-edgeChromium-ntp=2083; _C_Auth=; sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8; _C_ETH=1; _EDGE_S=SID=1D33D12908A46136382EC485091C607C
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCc7484909b76f41fcb5f92f2fcd87293a-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /li.lms-analytics/insight.min.js HTTP/1.1Host: snap.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /activityi;dc_pre=COKBgeDCgYwDFXyIgwcd5Qc8HQ;src=10906599;type=busin001;cat=dbxun0;ord=3325311041154;npa=0;auiddc=264623392.1741678675;ps=1;pcor=749412630;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=1;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F? HTTP/1.1Host: 10906599.fls.doubleclick.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1; IDE=AHWqTUkbsSd23o9cH5_f5ETfF7j6qhsflQDW-lz6hH9xHPLn4bwmbPDdLpGTRTvmq7M
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=CNWAjN_CgYwDFbWFgwcdbfcMCA;src=10906599;type=universe;cat=con-d000;ord=1;num=4044776659510;npa=0;auiddc=;ps=1;pcor=235152723;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=1;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://10906599.fls.doubleclick.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=i1bIPA9vNRwAzcPfTytnBiF057hB9rg6MsRpJpcqCfbWwM8aO-X4rrh7Hs2Cc_UKXmjL-14Q_VPVpG7nkoU9vcoDJDLGrMUgoKDzjVmBlhoejqGXGpmX53Qy17wYF98kRcI2AHvbNFDmFn3_g86A5NUBcxIPPslR5EeeGfBbWMqp1prvjlvU2qggDY2PhXCh_bmt2yNA
Source: global traffic	HTTP traffic detected: GET /tr/?id=329181751193634&ev=PageView&dl=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&rl=https%3A%2F%2Fwww.dropbox.com%2F&if=true&ts=1741678697277&sw=1280&sh=1024&v=2.9.186&r=stable&ec=0&o=12318&fbp=fb.1.1741678697275.88440595110474530&ler=other&cdl=API_unavailable&it=1741678693746&coo=false&exp=k0&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=329181751193634&ev=PageView&dl=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&rl=https%3A%2F%2Fwww.dropbox.com%2F&if=true&ts=1741678697277&sw=1280&sh=1024&v=2.9.186&r=stable&ec=0&o=12318&fbp=fb.1.1741678697275.88440595110474530&ler=other&cdl=API_unavailable&it=1741678693746&coo=false&exp=k0&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Attribution-Reporting-Eligible: event-source, trigger=navigation-sourceAttribution-Reporting-Support: web;osSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC658ef5ab5acf461382816954ba0be868-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/listing/tool/cv/ytag.js HTTP/1.1Host: s.yimg.jpConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /attribution_trigger?pid=4373&time=1741678698290&url=https%3A%2F%2Fwww.dropbox.com%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: *sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Origin: https://marketing.dropbox.comAttribution-Reporting-Eligible: trigger=event-sourceAttribution-Reporting-Support: web=osSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ddm/fls/z/dc_pre=COKBgeDCgYwDFXyIgwcd5Qc8HQ;src=10906599;type=busin001;cat=dbxun0;ord=3325311041154;npa=0;auiddc=;ps=1;pcor=749412630;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0;uamb=0;uam=;uap=Windows;uapv=15.0.0;uaw=0;pscdl=noapi;frm=2;_tu=IA;gtm=45fe5362v9135074486za200;gcs=G111;gcd=13t3t3t3t5l1;dma=0;dc_fmt=1;tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060;epver=2;~oref=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F HTTP/1.1Host: adservice.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://10906599.fls.doubleclick.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=i1bIPA9vNRwAzcPfTytnBiF057hB9rg6MsRpJpcqCfbWwM8aO-X4rrh7Hs2Cc_UKXmjL-14Q_VPVpG7nkoU9vcoDJDLGrMUgoKDzjVmBlhoejqGXGpmX53Qy17wYF98kRcI2AHvbNFDmFn3_g86A5NUBcxIPPslR5EeeGfBbWMqp1prvjlvU2qggDY2PhXCh_bmt2yNA
Source: global traffic	HTTP traffic detected: GET /collect?v=2&fmt=js&pid=4373&time=1741678698290&li_adsId=1658663e-ff71-48f4-a673-f708ca3c131f&url=https%3A%2F%2Fwww.dropbox.com%2F HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=343c6a7f-a431-42d4-b7ee-71416b3cc4a6; bcookie="v=2&7b8f411f-4ad2-4b22-87f8-1e7dc62b435e"; lidc="b=TGST08:s=T:r=T:a=T:p=T:g=2995:u=1:x=1:i=1741678675:t=1741765075:v=2:sig=AQH-7apxNxTEn2WGGnt717CPfFdIze1y"; UserMatchHistory=AQKrXKt-4QRpKQAAAZWEI4_88aSC26B_Is46jxuGwqAwUzKKVoIIvB9NP6KUAZapNFEhCLP1xu5npg; AnalyticsSyncHistory=AQJ4gxu4Lc6g6QAAAZWEI4_8ZFniZQKiRGTnHO4H-D_1HwMdggsHGcP9HTlcXh_mcvmt-_XX7b4SEI8QsGkV4g; __cf_bm=EXROMhhM69HBYlCGRSfYgawGDZidcQLUZ3Pi6Ww25tY-1741678682-1.0.1.1-zSsskvOBP02xTvTeQdj3j7CQERRu77MEkaY_kjb66QkHID0sJUB7N.2LX4aXcMKUEX_BgWEQt_shDNTgLy.OE2qB0uxOm8ucJxKv7_0qAZM
Source: global traffic	HTTP traffic detected: GET /Pixel/Retarget/2166 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://10906599.fls.doubleclick.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: GLOBALID=2uKlc8-sIBd987FnXwS9YmH-eAwAJy79CHE4nXOzI7uOQTxrCPfELP5M5BzVn_NRJGr2HA7wNJQC4TM1
Source: global traffic	HTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=trueUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pglt-edgeChromium-ntp=2083; _C_Auth=; sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8; _EDGE_S=SID=1D33D12908A46136382EC485091C607CIf-None-Match: 0x8DD602A8269E7F9If-Modified-Since: Mon, 10 Mar 2025 23:23:04 GMT
Source: global traffic	HTTP traffic detected: GET /sg/msn/1/cm?taboola_hm=004ABE65C0E662FD0B62AB35C1E763F0&gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uidmappixel?ext_uid=004ABE65C0E662FD0B62AB35C1E763F0&pname=MSN&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.outbrain.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setuid?partner=microsoftSsp&dbredirect=true&dnt=0&gdpr=0&gdpr_consent= HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCbadabff808d04629988b7c9eb5626e4b-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC8611efcb20ae4db4a1be3acedb5a0ad3-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cksync.php?type=nms&cs=3&ovsid=004ABE65C0E662FD0B62AB35C1E763F0&gdpr=0&gdpr_consent= HTTP/1.1Host: hbx.media.netConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /m?cdsp=516415&c=004ABE65C0E662FD0B62AB35C1E763F0&mode=inverse&msn_src=ntp&&gdpr=0&gdpr_consent= HTTP/1.1Host: cm.mgid.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync/msn?gdpr=0&gdpr_consent= HTTP/1.1Host: pr-bh.ybp.yahoo.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/16725107574?random=1741678705451&cv=11&fst=1741678705451&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5362za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&hn=www.googleadservices.com&frm=2&tiba=Dropbox&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dpage_view HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1; IDE=AHWqTUkbsSd23o9cH5_f5ETfF7j6qhsflQDW-lz6hH9xHPLn4bwmbPDdLpGTRTvmq7M; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/16725107574/?random=1741678705451&cv=11&fst=1741678705451&bg=ffffff&guid=ON&async=1&gtm=45be5362za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&hn=www.googleadservices.com&frm=2&tiba=Dropbox&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1; IDE=AHWqTUkbsSd23o9cH5_f5ETfF7j6qhsflQDW-lz6hH9xHPLn4bwmbPDdLpGTRTvmq7M; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCeef92edf2af249efba00de109b214e0e-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mapuid?suid=004ABE65C0E662FD0B62AB35C1E763F0&sid=16&gdpr=0&gdpr_consent= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/16725107574/?random=1741678705451&cv=11&fst=1741676400000&bg=ffffff&guid=ON&async=1&gtm=45be5362za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102814060&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&hn=www.googleadservices.com&frm=2&tiba=Dropbox&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCjtLzMg7vhPBWcYmlyUtfwqcxS7Q_wjK5ybdfsJPPaJWz8r90juAG3&random=1030468027&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=i1bIPA9vNRwAzcPfTytnBiF057hB9rg6MsRpJpcqCfbWwM8aO-X4rrh7Hs2Cc_UKXmjL-14Q_VPVpG7nkoU9vcoDJDLGrMUgoKDzjVmBlhoejqGXGpmX53Qy17wYF98kRcI2AHvbNFDmFn3_g86A5NUBcxIPPslR5EeeGfBbWMqp1prvjlvU2qggDY2PhXCh_bmt2yNA
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC07e99ffb24cd457281cba32c3746145c-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy= HTTP/1.1Host: eb2.3lift.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mapuid?member=280&user=14EA2E828C4D639509943BD28D2B6272;&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D14EA2E828C4D639509943BD28D2B6272%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC291d301d8bb74f26bc8ef3d5c04a2c67-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sync?ssp=msn&id=004ABE65C0E662FD0B62AB35C1E763F0&gdpr=0&gdpr_consent= HTTP/1.1Host: code.yengo.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=004ABE65C0E662FD0B62AB35C1E763F0&external=true&gdpr=0&gdpr_consent= HTTP/1.1Host: visitor.omnitagjs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fmapuid%3Fmember%3D280%26user%3D14EA2E828C4D639509943BD28D2B6272%3B%26gdpr%3D0%26gdpr_consent%3D%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fseg%253Fadd%253D5159620%2526redir%253Dhttps%25253A%25252F%25252Fib.adnxs.com%25252Fsetuid%25253Fentity%25253D483%252526code%25253D14EA2E828C4D639509943BD28D2B6272%252526gdpr%25253D0%252526gdpr_consent%25253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC86679092d9794fad80c5daa85619f2cd-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cs/msn?id=004ABE65C0E662FD0B62AB35C1E763F0&gdpr=0&gdpr_consent= HTTP/1.1Host: trace.mediago.ioConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D14EA2E828C4D639509943BD28D2B6272%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520; anj=dTM7k!M4/8CxrEQF']wIg2IljnZz/+!]tbP6j2F-XstGt!@E>T%4'[q
Source: global traffic	HTTP traffic detected: GET /cs/msn?id=004ABE65C0E662FD0B62AB35C1E763F0&gdpr=0&gdpr_consent= HTTP/1.1Host: trace.popin.ccConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __mguid_=44ffa69be4a5e3ae1msvnp00m4gvuela
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCb16ed6f8d6e3452a9488224e60475c24-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https://c.bing.com/c.gif?anx_uid=$UID&Red3=MSAN_pd&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520; anj=dTM7k!M4/8CxrEQF']wIg2IljnZz/+!]tbP6j2F-XstGt!@E>T%4'[q
Source: global traffic	HTTP traffic detected: GET /setuid?entity=483&code=14EA2E828C4D639509943BD28D2B6272&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520; anj=dTM7k!M4/8D>6NRF']wIg2IljnZz/+!fsuhTnO0PlZ[C[-kX-oU9t:
Source: global traffic	HTTP traffic detected: GET /oRTB?redirect={PubRedirectUrl}&gdpr=0&gdpr_consent= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /td/rul/11087776657?random=1741678718043&cv=11&fst=1741678718043&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be5362v9102999092za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102813108~102814060&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&label=418-488-6760&hn=www.googleadservices.com&frm=2&tiba=Dropbox&gtm_ee=1&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Browser-Channel: stableX-Browser-Year: 2024X-Browser-Validation: Nbt54E7jcg8lQ4EExJrU2ugNG6o=X-Browser-Copyright: Copyright 2024 Google LLC. All rights reserved.X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1; IDE=AHWqTUkbsSd23o9cH5_f5ETfF7j6qhsflQDW-lz6hH9xHPLn4bwmbPDdLpGTRTvmq7M; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC93175541ea7e4c428612c6aaa9438208-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/15955/analytics/1.0/analytics.min.js HTTP/1.1Host: cdn.bttrack.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: GLOBALID=2uKlc8-sIBd987FnXwS9YmH-eAwAJy79CHE4nXOzI7uOQTxrCPfELP5M5BzVn_NRJGr2HA7wNJQC4TM1
Source: global traffic	HTTP traffic detected: GET /sync?redirect=%7BPubRedirectUrl%7D&gdpr_consent=&gdpr=0&us_privacy=&gdpr_pd=&source=5&google_push=&retry= HTTP/1.1Host: sync.inmobi.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC80c3130db80b45d481140b5777f1e0ba-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/11087776657/?random=374263978&cv=11&fst=1741678718043&bg=ffffff&guid=ON&async=1&gtm=45be5362v9102999092za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102813108~102814060&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&label=418-488-6760&hn=www.googleadservices.com&frm=2&tiba=Dropbox&gtm_ee=1&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CKDPsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgijxbECCPbOsQIIkMmxAgjTxbECCOvMsQIIz86xAiIBAUABSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=CNT6-vvJiNxYIhMIi77y68KBjAMVYhKLCh0hVBL-MgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOh5odHRwczovL21hcmtldGluZy5kcm9wYm94LmNvbS9CWENoRUk4TDZfdmdZUW5JLV83cVhpd2FxckFSSXRBQy1veUgzU3RmRTdfZXlHU2I0VUVxYTBjYzBYS1VLUlRHakZaS1R4ZE9OYm9odTktcFg1MnNJU21pMnc HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ar_debug=1; IDE=AHWqTUkbsSd23o9cH5_f5ETfF7j6qhsflQDW-lz6hH9xHPLn4bwmbPDdLpGTRTvmq7M; receive-cookie-deprecation=1
Source: global traffic	HTTP traffic detected: GET /collect/?pid=4373&conversionId=5245385&fmt=js HTTP/1.1Host: px.ads.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: li_sugr=343c6a7f-a431-42d4-b7ee-71416b3cc4a6; bcookie="v=2&7b8f411f-4ad2-4b22-87f8-1e7dc62b435e"; lidc="b=TGST08:s=T:r=T:a=T:p=T:g=2995:u=1:x=1:i=1741678675:t=1741765075:v=2:sig=AQH-7apxNxTEn2WGGnt717CPfFdIze1y"; UserMatchHistory=AQKrXKt-4QRpKQAAAZWEI4_88aSC26B_Is46jxuGwqAwUzKKVoIIvB9NP6KUAZapNFEhCLP1xu5npg; AnalyticsSyncHistory=AQJ4gxu4Lc6g6QAAAZWEI4_8ZFniZQKiRGTnHO4H-D_1HwMdggsHGcP9HTlcXh_mcvmt-_XX7b4SEI8QsGkV4g; __cf_bm=EXROMhhM69HBYlCGRSfYgawGDZidcQLUZ3Pi6Ww25tY-1741678682-1.0.1.1-zSsskvOBP02xTvTeQdj3j7CQERRu77MEkaY_kjb66QkHID0sJUB7N.2LX4aXcMKUEX_BgWEQt_shDNTgLy.OE2qB0uxOm8ucJxKv7_0qAZM
Source: global traffic	HTTP traffic detected: GET /engagement/js?goalId=15955&cb=1741678720696 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: GLOBALID=2uKlc8-sIBd987FnXwS9YmH-eAwAJy79CHE4nXOzI7uOQTxrCPfELP5M5BzVn_NRJGr2HA7wNJQC4TM1
Source: global traffic	HTTP traffic detected: GET /mapuid?member=280&user=14EA2E828C4D639509943BD28D2B6272&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fm.adnxs.com%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D483%2526code%253D14EA2E828C4D639509943BD28D2B6272%2526gdpr%253D0%2526gdpr_consent%253D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520; anj=dTM7k!M4.FEVNsVF']wIg2IljnZz/+!fsu$D4jY1ih[Y32zCSeCyjUgFbRt>EHvDfDZ3JoG4fnDiR2gEHv#^E:kDn/lcPQx$wAMP(hw9P-HC_#txZx+'%CH
Source: global traffic	HTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp?locale=en-US&title=New%20tab&dsp=1&sp=Bing&prerender=1Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: pglt-edgeChromium-ntp=2083; _C_Auth=; sptmarket=en-US\|\|us\|en-us\|en-us\|en\|\|cf=8\|RefA=1B31AA27F6324A9F8365A0E1A9A52B6D.RefC=2024-12-09T10:20:34Z; USRLOC=; MUID=004ABE65C0E662FD0B62AB35C1E763F0; MUIDB=004ABE65C0E662FD0B62AB35C1E763F0; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=6aef895b-7882-4f77-b0ae-6734b488fce8; _EDGE_S=SID=1D33D12908A46136382EC485091C607C; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
Source: global traffic	HTTP traffic detected: GET /pagead/1p-conversion/11087776657/?random=374263978&cv=11&fst=1741678718043&bg=ffffff&guid=ON&async=1&gtm=45be5362v9102999092za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=102067808~102482433~102587591~102640600~102717422~102788824~102791784~102813108~102814060&u_w=1280&u_h=1024&url=https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F&ref=https%3A%2F%2Fwww.dropbox.com%2F&top=https%3A%2F%2Fwww.dropbox.com%2F&label=418-488-6760&hn=www.googleadservices.com&frm=2&tiba=Dropbox&gtm_ee=1&npa=0&pscdl=noapi&auid=264623392.1741678675&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B131.0.6778.109%7CChromium%3B131.0.6778.109%7CNot_A%2520Brand%3B24.0.0.0&uamb=0&uam=&uap=Windows&uapv=15.0.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CKDPsQIIobixAgixwbECCLDBsQIIscOxAgiKxbECCMLJsQIItMaxAgijxbECCPbOsQIIkMmxAgjTxbECCOvMsQIIz86xAiIBAUABSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=CNT6-vvJiNxYIhMIi77y68KBjAMVYhKLCh0hVBL-MgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOh5odHRwczovL21hcmtldGluZy5kcm9wYm94LmNvbS9CWENoRUk4TDZfdmdZUW5JLV83cVhpd2FxckFSSXRBQy1veUgzU3RmRTdfZXlHU2I0VUVxYTBjYzBYS1VLUlRHakZaS1R4ZE9OYm9odTktcFg1MnNJU21pMnc&is_vtc=1&cid=CAQSKQCjtLzMwpwb9gpG5vtfCJ-bKkTo6EFN8cFuLQfTJMXZXfKnXfWCzlna&random=359814307 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CIS2yQEIpbbJAQipncoBCIb0ygEIlqHLAQiKo8sBCIWgzQEIxNvOARj0yc0BSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: NID=522=i1bIPA9vNRwAzcPfTytnBiF057hB9rg6MsRpJpcqCfbWwM8aO-X4rrh7Hs2Cc_UKXmjL-14Q_VPVpG7nkoU9vcoDJDLGrMUgoKDzjVmBlhoejqGXGpmX53Qy17wYF98kRcI2AHvbNFDmFn3_g86A5NUBcxIPPslR5EeeGfBbWMqp1prvjlvU2qggDY2PhXCh_bmt2yNA
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RCa0914b5508224d108dacfda426a42c1d-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /seg?add=5159620&redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D483%26code%3D14EA2E828C4D639509943BD28D2B6272%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: m.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520; anj=dTM7k!M4.FEVNsVF']wIg2IljnZz/+!fsu$DmJl3ih[Y32zCSeCyjUgFbRt>EHvDfDZ3JoG4fnDiR2gEHv#^E:kDn/lcPQx$wAMP(hw9P-HC_#txaj+'qtP
Source: global traffic	HTTP traffic detected: GET /engagement/event?input=%7B%22globalId%22%3A%22f6ad85b3-0c0d-44e6-98f7-5c6859647e6a%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215955%22%2C%22sessionId%22%3A%221e858ed0-d2d4-45e4-afe2-4716d4fde68f%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fmarketing.dropbox.com%2Flogin%3Freferrer%3Dhttps%253A%252F%252Fwww.dropbox.com%252F%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Origin: https://marketing.dropbox.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /engagement/getpixels?gid=15955 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Origin: https://marketing.dropbox.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /setuid?entity=483&code=14EA2E828C4D639509943BD28D2B6272&gdpr=0&gdpr_consent= HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: " Not A;Brand";v="99", "Chromium";v="100", "Microsoft Edge";v="100"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Edg/100.0.1185.36sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=2986125377689107520; anj=dTM7k!M4.FEVNsVF']wIg2IljnZz/+!_i5PYiTeP`-s.xea../Z0rzwqAk9sD>aB8nfUQ=Fpm%nFp%KnDZ#K/oGHp8HG!WNI[<6a%(2K:$doS]%6lOS$<oIC
Source: global traffic	HTTP traffic detected: GET /7c31e7b46b8e/5feae65e0b10/41ae77d1b7d4/RC87151afc7cae4e44834693e6e8a856e6-source.min.js HTTP/1.1Host: assets.adobedtm.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"sec-ch-ua-mobile: ?0Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://marketing.dropbox.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /r/r1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.dropbox.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ocsp/MFQwUjBQME4wTDAJBgUrDgMCGgUABBQbxmMY0ZtiFXXusCt0ac1S1Zoq4gQU9n4vvYCjSrJwW%2Bvfmh%2FY7cphgAcCEzMBYE%2B9jBRaxFEXbiQAAAFgT70%3D HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Microsoft-CryptoAPI/10.0Host: oneocsp.microsoft.com

Source: 000003.log9.4.dr	String found in binary or memory: Click to play.\" data-dc=\"vtdc_black\" class=\"mc_vtvc_link\" target=\"_blank\" href=\"https://www.bing.com/ck/a?!&&p=c89cd5d6b6d091ae76d6c13fa3d7e3a83092222cc5531bfd0b7f629a845b54c7JmltdHM9MTc0MTY1MTIwMA&ptn=3&ver=2&hsh=4&fclid=14ea2e82-8c4d-6395-0994-3bd28d2b6272&u=a1L3ZpZGVvcy9yaXZlcnZpZXcvcmVsYXRlZHZpZGVvP3E9b25lZHJpdmUmbWlkPTBGQzlENzhDQTk4MEZBRkRFOEExMEZDOUQ3OENBOTgwRkFGREU4QTEmbWNpZD05Mzg2MTA2MTBDREE0M0M3QkRFMkY1RjQ3MjcxMkRGNiZGT1JNPVZJUkU&ntb=1\" h=\"ID=SERP,5611.1\"><div class=\"mc_vtvc_con_rc\"><div class=\"mc_vtvc_th b_canvas\"><div class=\"cico\"><img height=\"110\" width=\"197\" data-src-hq=\"https://th.bing.com/th?id=OVP.2u39u5eqBpLeKCbZ-fcVsgHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7\" alt=\"How to use the NEW Microsoft OneDrive - Made Easy for Everyone\" data-priority=\"2\" id=\"emb26C9473D2\" class=\"rms_img\" src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAIBTAA7\"></div><div class=\"mc_vtvc_htc\"><div class=\"mc_vtvc_htb\"><div class=\"mc_vtvc_ht\">Watch video</div></div></div><div class=\"mc_vtvc_center_play\"></div><div class=\"mc_vtvc_ban_lo\"><div class=\"vtbc\"><div class=\"mc_bc_w b_smText\"><div class=\"mc_bc items\">29:03</div></div></div></div></div><div class=\"mc_vtvc_meta\"><div class=\"mc_vtvc_title\" title=\"How to use the NEW Microsoft OneDrive - Made Easy for Everyone\">How to use the NEW Microsoft <strong>OneDrive</strong> - Made Easy for Everyone</div><div class=\"mc_vtvc_meta_block_area\"><div class=\"mc_vtvc_meta_row mc_vtvc_meta_pubdate\"><span class=\"meta_vc_content\">49.4K views</span><span class=\"meta_pd_content\">Nov 27, 2023</span></div><div class=\"mc_vtvc_meta_row mc_vtvc_meta_channel\"><span>YouTube</span><span class=\"mc_vtvc_meta_row_channel\">Teacher's Tech</span></div></div></div><div class=\"vrhdata\" ht=\"0\" vrhm=\"{"cid":"serpvidans_hc","smturl":"https://th.bing.com/th?id=OM.oej9-oCpjNfJDw_1740172184&pid=1.7","bci":0,"du":"29:03","murl":"https://www.youtube.com/watch?v=eCTn3Tmu538","thid":"OVP.2u39u5eqBpLeKCbZ-fcVsgHgFo","mid":"0FC9D78CA980FAFDE8A10FC9D78CA980FAFDE8A1","vt":"How to use the NEW Microsoft OneDrive - Made Easy for Everyone","IsAdultThumb":false,"EnableLoopPlay":false,"pgurl":"https://www.youtube.com/watch?v=eCTn3Tmu538","q":"onedrive"}\"></div></div></a></div></div><div id=\"mc_cwvc_1741678588650\"><div id=\"mc_vtvc__20\" class=\"mc_vtvc b_canvas mc_vtvc_cc creator\" data-priority=\"1\"><a aria-label=\"How to use equals www.youtube.com (Youtube)
Source: 000003.log9.4.dr	String found in binary or memory: Click to play.\" data-dc=\"vtdc_blue\" class=\"mc_vtvc_link\" target=\"_blank\" href=\"https://www.bing.com/ck/a?!&&p=4ac8210689981e9622affc6909a317de44fea03f92bb4fdcf321ef709f4bdb68JmltdHM9MTc0MTY1MTIwMA&ptn=3&ver=2&hsh=4&fclid=14ea2e82-8c4d-6395-0994-3bd28d2b6272&u=a1L3ZpZGVvcy9yaXZlcnZpZXcvcmVsYXRlZHZpZGVvP3E9b25lZHJpdmUmbWlkPUI3REIyREI2MUFENkJDN0E3RTg1QjdEQjJEQjYxQUQ2QkM3QTdFODUmbWNpZD05Mzg2MTA2MTBDREE0M0M3QkRFMkY1RjQ3MjcxMkRGNiZGT1JNPVZJUkU&ntb=1\" h=\"ID=SERP,5613.1\"><div class=\"mc_vtvc_con_rc\"><div class=\"mc_vtvc_th b_canvas\"><div class=\"cico\"><img height=\"110\" width=\"197\" data-src-hq=\"https://th.bing.com/th?id=OVP.Fnz2jW2GV1oFAJdyxFEYTAHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7\" alt=\"Microsoft OneDrive: The Future of File Management is Here\" data-priority=\"2\" id=\"emb459962E50\" class=\"rms_img\" src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAIBTAA7\"></div><div class=\"mc_vtvc_htc\"><div class=\"mc_vtvc_htb\"><div class=\"mc_vtvc_ht\">Watch video</div></div></div><div class=\"mc_vtvc_center_play\"></div><div class=\"mc_vtvc_ban_lo\"><div class=\"vtbc\"><div class=\"mc_bc_w b_smText\"><div class=\"mc_bc items\">29:05</div></div></div></div></div><div class=\"mc_vtvc_meta\"><div class=\"mc_vtvc_title\" title=\"Microsoft OneDrive: The Future of File Management is Here\">Microsoft <strong>OneDrive</strong>: The Future of File Management is Here</div><div class=\"mc_vtvc_meta_block_area\"><div class=\"mc_vtvc_meta_row mc_vtvc_meta_pubdate\"><span class=\"meta_vc_content\">514.7K views</span><span class=\"meta_pd_content\">Oct 5, 2023</span></div><div class=\"mc_vtvc_meta_row mc_vtvc_meta_channel\"><span>YouTube</span><span class=\"mc_vtvc_meta_row_channel\">Microsoft 365</span></div></div></div><div class=\"vrhdata\" ht=\"0\" vrhm=\"{"cid":"serpvidans_hc","smturl":"https://th.bing.com/th?id=OM.hX56vNYati3btw_1730642640&pid=1.7","bci":0,"du":"29:05","murl":"https://www.youtube.com/watch?v=VqnF1TTkKV0","thid":"OVP.Fnz2jW2GV1oFAJdyxFEYTAHgFo","mid":"B7DB2DB61AD6BC7A7E85B7DB2DB61AD6BC7A7E85","vt":"Microsoft OneDrive: The Future of File Management is Here","IsAdultThumb":false,"EnableLoopPlay":false,"pgurl":"https://www.youtube.com/watch?v=VqnF1TTkKV0","q":"onedrive"}\"></div></div></a></div></div><div id=\"mc_cwvc_1741678588657\"><div id=\"mc_vtvc__26\" class=\"mc_vtvc b_canvas \" data-priority=\"2\"><a aria-label=\"Microsoft 365 apps help keep your files safe with equals www.youtube.com (Youtube)
Source: 000003.log9.4.dr	String found in binary or memory: Click to play.\" data-dc=\"vtdc_white\" class=\"mc_vtvc_link\" target=\"_blank\" href=\"https://www.bing.com/ck/a?!&&p=d3f6d6f2098e9c1d42b55483e9731cd172d9103c947a258a2f6a702e5d83b2b1JmltdHM9MTc0MTY1MTIwMA&ptn=3&ver=2&hsh=4&fclid=14ea2e82-8c4d-6395-0994-3bd28d2b6272&u=a1L3ZpZGVvcy9yaXZlcnZpZXcvcmVsYXRlZHZpZGVvP3E9b25lZHJpdmUmbWlkPUEzRDkzNjNEOTdDNzUwNTQ0RkRBQTNEOTM2M0Q5N0M3NTA1NDRGREEmbWNpZD05Mzg2MTA2MTBDREE0M0M3QkRFMkY1RjQ3MjcxMkRGNiZGT1JNPVZJUkU&ntb=1\" h=\"ID=SERP,5612.1\"><div class=\"mc_vtvc_con_rc\"><div class=\"mc_vtvc_th b_canvas\"><div class=\"cico\"><img height=\"110\" width=\"197\" data-src-hq=\"https://th.bing.com/th?id=OVP.GP3xXvs5oNownVJ95FU-jgHgFo&w=197&h=110&c=7&rs=1&qlt=90&o=6&pid=1.7\" alt=\"How to use OneDrive \| Microsoft\" data-priority=\"2\" id=\"emb30E91F30B\" class=\"rms_img\" src=\"data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAIBTAA7\"></div><div class=\"mc_vtvc_htc\"><div class=\"mc_vtvc_htb\"><div class=\"mc_vtvc_ht\">Watch video</div></div></div><div class=\"mc_vtvc_center_play\"></div><div class=\"mc_vtvc_ban_lo\"><div class=\"vtbc\"><div class=\"mc_bc_w b_smText\"><div class=\"mc_bc items\">1:10</div></div></div></div></div><div class=\"mc_vtvc_meta\"><div class=\"mc_vtvc_title\" title=\"How to use OneDrive \| Microsoft\">How to use <strong>OneDrive</strong> \| Microsoft</div><div class=\"mc_vtvc_meta_block_area\"><div class=\"mc_vtvc_meta_row mc_vtvc_meta_pubdate\"><span class=\"meta_vc_content\">43K views</span><span class=\"meta_pd_content\">Aug 18, 2023</span></div><div class=\"mc_vtvc_meta_row mc_vtvc_meta_channel\"><span>YouTube</span><span class=\"mc_vtvc_meta_row_channel\">Microsoft Helps</span></div></div></div><div class=\"vrhdata\" ht=\"0\" vrhm=\"{"cid":"serpvidans_hc","smturl":"https://th.bing.com/th?id=OM.2k9UUMeXPTbZow_1732449485&pid=1.7","bci":0,"du":"1:10","murl":"https://www.youtube.com/watch?v=AfDmNiBoITQ","thid":"OVP.GP3xXvs5oNownVJ95FU-jgHgFo","mid":"A3D9363D97C750544FDAA3D9363D97C750544FDA","vt":"How to use OneDrive \| Microsoft","IsAdultThumb":false,"EnableLoopPlay":false,"pgurl":"https://www.youtube.com/watch?v=AfDmNiBoITQ","q":"onedrive"}\"></div></div></a></div></div><div id=\"mc_cwvc_1741678588654\"><div id=\"mc_vtvc__23\" class=\"mc_vtvc b_canvas mc_vtvc_cc creator\" data-priority=\"1\"><a aria-label=\"Microsoft equals www.youtube.com (Youtube)
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: !antifraudjs.friends2follow.com/fabrikam.msedgedemo.example/harrenmedianetwork.com/zetaemailsolutions.com/martinimedianetwork.com/vanarsdel.msedgedemo.example/maxpointinteractive.com/complexmedianetwork.com/evolvemediametrics.com/coxdigitalsolutions.com/marketingsolutions.yahoo.com/multiplestreammktg.com/sensisdigitalmedia.com.au/yandex.ru/portal/set/anygame-advertising-online.com/stargamesaffiliate.com/clearsightinteractive.comconversiondashboard.comiesBrand Affinity Technologiestargetingmarketplace.combrilliancepublishing.comwww.geniegroupltd.co.ukmaillist-manage.com.au/warumbistdusoarm.space/webmessenger.yahoo.com/legalredirect.yahoo.com/cryptominer.msedgedemo.example/worldwidetelescope.org/salesforceliveagent.com/visualwebsiteoptimizer.com/webtrackingservices.com/graphenedigitalanalytics.in/microsoftedgeinsiders.commicrosoftazuread-sso.commicrosoftedgeinsider.comsensisdigitalmedia.com.auGame Advertising Onlinewebtrackingservices.commaxpointinteractive.comcomgame-advertising-online.comExponential InteractiveExponential Interactivecomplexmedianetwork.comsuccessfultogether.co.ukaggregateintelligence.comGrocery Shopping Networkingraphenedigitalanalytics.indirectresponsegroup.commScandinavian AdNetworksinflectionpointmedia.complevanarsdel.msedgedemo.examplescandinavianadnetworks.comExponential Interactivesalesforceliveagent.complefabrikam.msedgedemo.examplevisualwebsiteoptimizer.comchannelintelligence.comExponential Interactiverakuten-insurance.co.jpquantum-advertising.comePublishers Clearing Housemartinimedianetwork.comomsalesforce-communities.commsnprod.oberon-media.comconsole.aws.amazon.com/@ZrX[ equals www.yahoo.com (Yahoo)
Source: msedgewebview2.exe, 0000001A.00000002.4397296955.00005B5800D9C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: /search?q=spanish%20liga&/search?q=italian+liga&/search?q=german%20liga&.au/search?q=premier%20league&/search?q=premier+league&smallbusiness.yahoo.comwww.languageacademy.com.autext_prediction_overrideprism_explorer_overridePrismExplorerTypeOptOuttechcommunity.microsoft.comfree-freecell-solitaire.comimg-s-msn-com.akamaized.netmedia_foundation_overridecontent_filter_on_off_switch " equals www.yahoo.com (Yahoo)
Source: 000003.log9.4.dr	String found in binary or memory: Gnamespace-63443271_fab8_4a0f_849c_44ad722bc412-https://www.youtube.com/ equals www.youtube.com (Youtube)
Source: 000003.log9.4.dr	String found in binary or memory: Hnamespace-99d744cb_e71f_4535_a2fd_6b0bc55c1d85-https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: 000003.log9.4.dr	String found in binary or memory: Hnamespace-99d744cb_e71f_4535_a2fd_6b0bc55c1d85-https://www.facebook.com/]"I equals www.facebook.com (Facebook)
Source: chromecache_747.14.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=fD(a,c,e);R(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return R(122),!0;if(d&&f){for(var m=Db(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},iD=function(){var a=[],b=function(c){return gb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: fabrikam.msedgedemo.example/harrenmedianetwork.com/zetaemailsolutions.com/martinimedianetwork.com/vanarsdel.msedgedemo.example/maxpointinteractive.com/complexmedianetwork.com/evolvemediametrics.com/coxdigitalsolutions.com/marketingsolutions.yahoo.com/multiplestreammktg.com/sensisdigitalmedia.com.au/yandex.ru/portal/set/anygame-advertising-online.com/stargamesaffiliate.com/targetingmarketplace.combrilliancepublishing.comwww.geniegroupltd.co.ukmaillist-manage.com.au/warumbistdusoarm.space/webmessenger.yahoo.com/legalredirect.yahoo.com/cryptominer.msedgedemo.example/worldwidetelescope.org/salesforceliveagent.com/visualwebsiteoptimizer.com/webtrackingservices.com/graphenedigitalanalytics.in/antifraudjs.friends2follow.com/`;; equals www.yahoo.com (Yahoo)
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: return f}rG.K="internal.enableAutoEventOnTimer";var cc=wa(["data-gtm-yt-inspected-"]),tG=["www.youtube.com","www.youtube-nocookie.com"],uG,vG=!1; equals www.youtube.com (Youtube)
Source: chromecache_747.14.dr	String found in binary or memory: var GF=function(a,b,c,d,e){var f=DC("fsl",c?"nv.mwt":"mwt",0),g;g=c?DC("fsl","nv.ids",[]):DC("fsl","ids",[]);if(!g.length)return!0;var k=IC(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);R(121);if(m==="https://www.facebook.com/tr/")return R(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!qB(k,sB(b, equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.com . equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.com . equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.com!* equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.comd- equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.facebook.comwww.facebook.com equals www.facebook.com (Facebook)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.youtube.com# equals www.youtube.com (Youtube)
Source: load_statistics.db-wal.4.dr	String found in binary or memory: www.youtube.comwww.youtube.com equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: ntp.msn.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic	DNS traffic detected: DNS query: sb.scorecardresearch.com
Source: global traffic	DNS traffic detected: DNS query: assets.msn.com
Source: global traffic	DNS traffic detected: DNS query: c.msn.com
Source: global traffic	DNS traffic detected: DNS query: api.msn.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: www.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: cfl.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: fjord.dropboxstatic.com
Source: global traffic	DNS traffic detected: DNS query: www.microsoft365.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: outlook.office.com
Source: global traffic	DNS traffic detected: DNS query: portal.office.com
Source: global traffic	DNS traffic detected: DNS query: substrate.office.com
Source: global traffic	DNS traffic detected: DNS query: d.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: marketing.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: fp.dropbox.com
Source: global traffic	DNS traffic detected: DNS query: use1-turn.fpjs.io
Source: global traffic	DNS traffic detected: DNS query: cdn.dropboxexperiment.com
Source: global traffic	DNS traffic detected: DNS query: dropboxcaptcha.com
Source: global traffic	DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic	DNS traffic detected: DNS query: c.contentsquare.net
Source: global traffic	DNS traffic detected: DNS query: static.ads-twitter.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: csp.withgoogle.com
Source: global traffic	DNS traffic detected: DNS query: dropbox.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: lh3.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: static.xingcdn.com
Source: global traffic	DNS traffic detected: DNS query: t.co
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: www.xing.com
Source: global traffic	DNS traffic detected: DNS query: publickeyservice.pa.gcp.privacysandboxservices.com
Source: global traffic	DNS traffic detected: DNS query: publickeyservice.pa.aws.privacysandboxservices.com
Source: global traffic	DNS traffic detected: DNS query: munchkin.marketo.net
Source: global traffic	DNS traffic detected: DNS query: google.com
Source: global traffic	DNS traffic detected: DNS query: accounts.youtube.com
Source: global traffic	DNS traffic detected: DNS query: www.knotch-cdn.com
Source: global traffic	DNS traffic detected: DNS query: bttrack.com
Source: global traffic	DNS traffic detected: DNS query: 077-zjt-858.mktoresp.com
Source: global traffic	DNS traffic detected: DNS query: frontdoor.knotch.it
Source: global traffic	DNS traffic detected: DNS query: configs.knotch.com
Source: global traffic	DNS traffic detected: DNS query: connect.facebook.net
Source: global traffic	DNS traffic detected: DNS query: 10906599.fls.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: ad.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: snap.licdn.com
Source: global traffic	DNS traffic detected: DNS query: adservice.google.com
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: s.yimg.jp
Source: global traffic	DNS traffic detected: DNS query: static.cloud.coveo.com
Source: global traffic	DNS traffic detected: DNS query: www.emjcd.com
Source: global traffic	DNS traffic detected: DNS query: cdn.bttrack.com
Source: global traffic	DNS traffic detected: DNS query: cj.dotomi.com
Source: global traffic	DNS traffic detected: DNS query: js.zi-scripts.com

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: private,no-cachePragma: no-cacheContent-Type: text/htmlExpires: -1Set-Cookie: GLOBALID=2uKlc8-sIBd987FnXwS9YmH-eAwAJy79CHE4nXOzI7uOQTxrCPfELP5M5BzVn_NRJGr2HA7wNJQC4TM1; domain=.bttrack.com; expires=Mon, 09-Jun-2025 07:37:46 GMT; path=/; secure; SameSite=NoneX-ServerName: Track003-iadDate: Tue, 11 Mar 2025 07:37:46 GMTConnection: closeContent-Length: 1245Strict-Transport-Security: max-age=31536000;
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: private,no-cachePragma: no-cacheContent-Type: text/htmlExpires: -1Set-Cookie: GLOBALID=2uKlc8-sIBd987FnXwS9YmH-eAwAJy79CHE4nXOzI7uOQTxrCPfELP5M5BzVn_NRJGr2HA7wNJQC4TM1; domain=.bttrack.com; expires=Mon, 09-Jun-2025 07:38:21 GMT; path=/; secure; SameSite=NoneX-ServerName: Track001-iadDate: Tue, 11 Mar 2025 07:38:21 GMTConnection: closeContent-Length: 1245Strict-Transport-Security: max-age=31536000;

Source: msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://169.254.169.254/metadata/instance/compute/location
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/1452
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152http://crbug.com/1165751lose_context_on_out_of_memoryhttp://anglebug.com/604
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/2152lose_context_on_out_of_memoryhttp://anglebug.com/3682http://anglebug.com/472
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3246
Source: msedgewebview2.exe, 0000001A.00000002.4359845394.00005B58007E8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3246taterewrite_unary_minus_operator
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/3682
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/4722
Source: msedgewebview2.exe, 0000001A.00000003.3529758396.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007
Source: msedgewebview2.exe, 0000001A.00000002.4395565474.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5007get
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5658
Source: msedgewebview2.exe, 0000001A.00000002.4359845394.00005B58007E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750Allow
Source: msedgewebview2.exe, 0000001A.00000002.4359845394.00005B58007E8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/5750enableProgramBinaryForCapture
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://anglebug.com/6041
Source: msedgewebview2.exe, 0000001A.00000003.3645524859.0000020D85576000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
Source: WebViewHost.exe, 00000019.00000002.4127385492.000002305D313000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000002.4131298184.000002305D367000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0B
Source: msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4147055697.000000E0008F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4145664653.000000E0007D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt0
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1165751
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/1165751https://crbug.com/655534forceRobustResourceInitforceInitShaderVariableshttp:
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crbug.com/941620
Source: msedgewebview2.exe, 0000001A.00000002.4143652018.0000020D85500000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
Source: msedgewebview2.exe, 0000001A.00000003.3645524859.0000020D85576000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3650714104.000000E000351000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
Source: WebViewHost.exe, 00000019.00000002.4127385492.000002305D313000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000002.4131298184.000002305D367000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl0
Source: msedgewebview2.exe, 0000001A.00000002.4308885331.0000020DFC38A000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl
Source: msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4147055697.000000E0008F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4145664653.000000E0007D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl0?
Source: msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://crl4.dig
Source: msedgewebview2.exe, 0000001A.00000003.3645524859.0000020D85576000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3650714104.000000E000351000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
Source: msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4147055697.000000E0008F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4145664653.000000E0007D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://crl4.digicert.com/DigicertSHA2SecureServerCA-1.crl0~
Source: msedgewebview2.exe, 0000001A.00000003.3759570145.00005B5800BE8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4125517355.000000E000324000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4146038666.000000E0007E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4148002781.000000E000F60000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://e5.i.lencr.org/0A
Source: msedgewebview2.exe, 0000001A.00000002.4149857824.0000020D8595E000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4144282442.0000020D85523000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org
Source: msedgewebview2.exe, 0000001A.00000002.4145800591.0000020D8554D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBQeEcDJrP2kU%2B9LL2pzIRVgTVStuQQUmc0pw6FYJq96ekyE
Source: msedgewebview2.exe, 0000001A.00000003.3759570145.00005B5800BE8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4125517355.000000E000324000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4146038666.000000E0007E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4148002781.000000E000F60000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org0
Source: msedgewebview2.exe, 0000001A.00000002.4301299562.0000020DFA4E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org1.3.6.1.5.5.7.48.2http://e5.i.lencr.org/
Source: msedgewebview2.exe, 0000001A.00000002.4301299562.0000020DFA4E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org1.3.6.1.5.5.7.48.2http://e5.i.lencr.org/0
Source: msedgewebview2.exe, 0000001A.00000002.4301299562.0000020DFA4E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org1.3.6.1.5.5.7.48.2http://e5.i.lencr.org/C:
Source: msedgewebview2.exe, 0000001A.00000002.4301299562.0000020DFA4E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://e5.o.lencr.org1.3.6.1.5.5.7.48.2http://e5.i.lencr.org/P
Source: msedgewebview2.exe, 00000020.00000003.3685247066.0000372801794000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://fb.me/use-check-prop-types
Source: WebViewHost.exe, 00000019.00000002.4127385492.000002305D313000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000002.4131298184.000002305D367000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3645524859.0000020D85576000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4147055697.000000E0008F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4145664653.000000E0007D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://ocsp.digicert.com0H
Source: msedgewebview2.exe, 0000001A.00000002.4146590573.0000020D8556E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootCA.crlhttp://crl4.digicert.com/Di
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://odc.officeapps.live.com/
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://odc.officeapps.live.com/icon_idh
Source: msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://permanently-removed.invalid/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://permanently-removed.invalid/https://permanently-removed.invalid/internal-nacl-pluginmhjfbmdgc
Source: msedgewebview2.exe, 0000001A.00000002.4386992838.00005B5800AB0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://permanently-removed.invalid/safebrowsing/clientreport/chrome-certs
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://portal.office.com/
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://portal.office.com/smartscreen.allow_list_domains
Source: msedgewebview2.exe, 0000001E.00000003.3767327535.000000E000920000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614306962.000000E00077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767117694.000000E00095C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4147055697.000000E0008F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3617613724.000000E0002EA000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4145664653.000000E0007D0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3614330973.000000E0008F4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3621273460.000000E00091C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3767920068.000000E000350000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: msedgewebview2.exe, 0000001A.00000002.4149857824.0000020D8595E000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4148570373.0000020D85900000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://x1.c.lencr.org/
Source: msedgewebview2.exe, 0000001A.00000002.4298029642.0000020DFA4BE000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3759570145.00005B5800BE8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4125517355.000000E000324000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://x1.c.lencr.org/0
Source: msedgewebview2.exe, 0000001A.00000002.4144282442.0000020D85513000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://x1.i.lencr.org/
Source: msedgewebview2.exe, 0000001A.00000002.4298029642.0000020DFA4BE000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3759570145.00005B5800BE8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4125517355.000000E000324000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4120480230.000000E0002BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://x1.i.lencr.org/0
Source: msedgewebview2.exe, 00000020.00000002.4455008905.00003728020CD000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=NE
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://account.box.com/api/oauth2/authorize
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://accountcapabilities-pa.googleapis.com/
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4425525077.000037280029C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://accountcapabilities-pa.googleapis.com/v1/accountcapabilities:batchGet
Source: msedgewebview2.exe, 00000020.00000002.4425525077.000037280029C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://accountcapabilities-pa.googleapis.com/v1/accountcapabilities:batchGeteb
Source: msedgewebview2.exe, 00000020.00000003.3675290066.00003728016D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/griffel-css-shorthands
Source: msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4063008806.0000070E00A0E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://aka.ms/msaljs/optional-claims
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://alekberg.net/privacy
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.box.com/oauth2/token
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.box.com/oauth2/tokenhttps://account.box.com/api/oauth2/authorizehttps://permanently-remo
Source: msedgewebview2.exe, 00000020.00000003.3659920382.0000372800D90000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.powerplatform.com/.default
Source: msedgewebview2.exe, 00000020.00000003.3659920382.0000372800D90000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.preprod.powerplatform.com/.default
Source: msedgewebview2.exe, 00000020.00000003.4063008806.0000070E00A18000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3708236504.0000070E00A18000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.htm
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://azureedge.net/
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00D83000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://bit.ly/3cXEKWf
Source: msedgewebview2.exe, 0000001A.00000002.4322043368.00005B5800238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://box.com
Source: f1215887448.exe	String found in binary or memory: https://bugs.kde.org
Source: msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ccm.mobile.m365.svc.cloud.microsoft
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ccm.mobile.m365.svc.cloud.microsoftd
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ccm.mobile.m365.svc.cloud.microsoftx_
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cdn.config.centro.core.microsoft/uxversion
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chrome.cloudflare-dns.com/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chrome.cloudflare-dns.com/dns-queryhttps://doh-02.spectrum.com/dns-query
Source: msedgewebview2.exe, 0000001A.00000002.4372182474.00005B580093C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chrome.google.com/webstore
Source: msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chrome.google.com/webstore6EAED1924DB611B6EEF2A664BD077BE7EAD33B8F28
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chrome.google.com/webstorekgejglhpjiefppelpmljglcjbhoiplfnuser_experience_metrics.reporting_
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chromereporting-pa.googleapis.com/v1/record
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chromereporting-pa.googleapis.com/v1/recordhttps://permanently-removed.invalid/devicemanagem
Source: msedgewebview2.exe, 0000001A.00000002.4394147517.00005B5800C14000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chromium-i18n.appspot.com/ssl-aggregate-address/
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://chromium.dns.nextdns.io
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://cleanbrowsing.org/privacy
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3687578667.00003728017E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://clients.config.gcc.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3687578667.00003728017E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://clients.config.office.net
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4424591440.0000372800270000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: msedgewebview2.exe, 00000020.00000003.3616235243.00003728008A7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://collectionsshare.edgebrowser.microsoft-falcon.io/
Source: msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://collectionsshare.edgebrowser.microsoft-staging-falcon.io/
Source: msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://collectionsshare.edgebrowser.microsoft-testing-falcon.io/
Source: msedgewebview2.exe, 0000001A.00000002.4331438776.00005B5800330000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://config.edge.skype.com/config/v1/Edge/100.0.1185.36?clientId=2827855680816830549&agents=EdgeC
Source: msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://copilot.cloud-dev.microsoft
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://copilot.cloud-dev.microsoftp_
Source: msedgewebview2.exe, 00000020.00000003.3661410235.000037280160C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://copilot.cloud.microsoft
Source: msedgewebview2.exe, 0000001A.00000002.4359845394.00005B58007E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D00035F000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024force_atomic_value_resolutionemulate_tiny_stencil_texturesselect_view_in_geo
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/593024pskip_vs_constant_register_zeroselect_view_in_geometry_shaderrewrite_unary_m
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547http://anglebug.com/1452depth_stencil_blit_extra_copyhttps://crbug.com/65553
Source: msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/650547ownhttp://anglebug.com/6041https://crbug.com/6555343http://anglebug.com/3682
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000003.3529602592.000059D000358000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://crbug.com/655534
Source: f1215887448.exe	String found in binary or memory: https://csp.withgoogle.com/csp/gstatic-ui-assets
Source: f1215887448.exe	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4111683941.000000E000236000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001F.00000002.4119997997.00003E0C00244000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-dogfood.azurewebsites.net/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-dogfood.azurewebsites.net/https://designerapp-int.azurewebsites.net/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4111683941.000000E000236000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001F.00000002.4119997997.00003E0C00244000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-int.azurewebsites.net/
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4111683941.000000E000236000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001F.00000002.4119997997.00003E0C00244000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp-int.azurewebsites.net/https://designerapp-dogfood.azurewebsites.net/https://desi
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001D.00000002.4150803762.000059D000238000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4111683941.000000E000236000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001F.00000002.4119997997.00003E0C00244000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp.azurewebsites.net/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp.azurewebsites.net/es.net/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerapp.azurewebsites.net/https://designerapp-dogfood.azurewebsites.net/https://designer
Source: msedgewebview2.exe, 00000020.00000003.3659920382.0000372800D90000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://designerappservice.officeapps.live.com/designerappservice.all
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://devappglobal.blob.core.windows.net/images/1fae1e74-c74e-41ba-875e-804783f8170a/color/5077ec3
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://devappglobal.blob.core.windows.net/images/1fae1e74-c74e-41ba-875e-804783f8170a/outline/8f7c1
Source: WebViewHost.exe, 00000019.00000003.3565746837.00002EEA002F8000.00000004.00000800.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000003.3520131878.000002305D381000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000003.3565746837.00002EEA00308000.00000004.00000800.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000002.4135735876.000002305EC02000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000003.3565958575.00002EEA00308000.00000004.00000800.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000003.3521343689.000002305D3A6000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3566013568.00005B5800EF8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D00000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4060674151.0000070E00690000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4416826911.0000070E00F02000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3581997487.0000372800A60000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3580564264.0000372800A70000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3691964929.0000070E00682000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3702810308.0000070E00502000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://devdiv.visualstudio.com/DevDiv/_git/VS?path=%2Fsrc%2Fbptoob%2FScriptedHost%2FScripts%2F1.8%2
Source: WebViewHost.exe, 00000019.00000003.3565746837.00002EEA002F8000.00000004.00000800.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000003.3520131878.000002305D381000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000003.3565746837.00002EEA00308000.00000004.00000800.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000002.4135735876.000002305EC02000.00000004.00000020.00020000.00000000.sdmp, WebViewHost.exe, 00000019.00000002.4131298184.000002305D367000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D00000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4416826911.0000070E00F02000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3581997487.0000372800A60000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3580564264.0000372800A70000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3691964929.0000070E00682000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3702810308.0000070E00502000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Manifest
Source: msedgewebview2.exe, 0000001E.00000002.4111683941.000000E000236000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/
Source: msedgewebview2.exe, 0000001E.00000002.4111683941.000000E000236000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://developers.cloudflare.com/1.1.1.1/privacy/public-dns-resolver/network.mojom.CookieChangeList
Source: msedgewebview2.exe, 0000001E.00000002.4139504583.000000E000644000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://developers.google.com/speed/public-dns/privacy
Source: msedgewebview2.exe, 0000001E.00000002.4139504583.000000E000644000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://developers.google.com/speed/public-dns/privacyquery
Source: 000005.ldb.4.dr, History.4.dr, 000003.log9.4.dr	String found in binary or memory: https://dl.google.com/tag/s/appguid%3D%7B8A69D345-D564-463C-AFF1-A69D9E530F96%7D%26iid%3D%7B47432BF7
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns.google/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns.quad9.net/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns.sb/privacy/
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns.sb/privacy/https://odvr.nic.cz/dohhttps://www.nic.cz/odvr/ueryhttps://doh.cox.net/dns-qu
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns.switch.ch/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns.switch.ch/dns-queryhttps://dns.quad9.net/dns-queryhttps://chromium.dns.nextdns.iohttps:/
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns10.quad9.net/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns11.quad9.net/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dns64.dns.google/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://dnsnl.alekberg.net/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh-01.spectrum.com/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh-02.spectrum.com/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.cleanbrowsing.org/doh/adult-filter
Source: msedgewebview2.exe, 0000001E.00000002.4139504583.000000E000644000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.cleanbrowsing.org/doh/family-filter
Source: msedgewebview2.exe, 0000001E.00000002.4139504583.000000E000644000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.cleanbrowsing.org/doh/security-filter
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.cox.net/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.dns.sb/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4139504583.000000E000644000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.familyshield.opendns.com/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.opendns.com/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.quickline.ch/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://doh.xfinity.com/dns-query
Source: msedgewebview2.exe, 0000001E.00000002.4119638049.000000E0002AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ecs.nel.measure.office.net/api/report?TenantId=Edge&DestinationEndpoint=Edge-Prod-EWR30r4b&F
Source: msedgewebview2.exe, 0000001E.00000002.4142170497.000000E000680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ecsure.of
Source: msedgewebview2.exe, 00000020.00000003.3674433415.00003728016BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/microsoft/fluentui/wiki/Using-icons
Source: msedgewebview2.exe, 00000020.00000003.3675290066.00003728016D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/microsoft/griffel/issues
Source: msedgewebview2.exe, 00000020.00000003.3680945386.0000372801724000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://github.com/uuidjs/uuid#getrandomvalues-not-supported
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://google.com/
Source: msedgewebview2.exe, 00000020.00000003.3558239357.000037280039C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3538533103.00003728006C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3538447207.00003728006C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://html.spec.whatwg.org/C/#the-details-and-summary-elements
Source: msedgewebview2.exe, 00000020.00000003.3538533103.00003728006C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3538447207.00003728006C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://html.spec.whatwg.org/multipage/rendering.html#hidden-elements
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/debug
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/debugncG
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/debugt
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/launchcontent
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/launchcontentch
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/module
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/module0
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.net/o
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarshark.azurewebsites.nete
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarsshark.azurewebsites.net
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarsshark.azurewebsites.net$
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://jaguarsshark.azurewebsites.nete
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://localcdn.centro-dev.com:5555
Source: msedgewebview2.exe, 00000020.00000003.3707985091.0000070E00A0B000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4063754267.0000070E00A09000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.chinacloudapi.cn
Source: msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.chinacloudapi.cn/
Source: msedgewebview2.exe, 0000001A.00000002.4308885331.0000020DFC38A000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4144282442.0000020D85523000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4149262919.0000020D85924000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4381637933.00005B5800A3C000.00000004.00000800.00020000.00000000.sdmp, Session_13386152177546574.4.dr, 000003.log7.4.dr	String found in binary or memory: https://login.live.com
Source: msedgewebview2.exe, 0000001A.00000002.4308885331.0000020DFC38A000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp, Network Action Predictor.4.dr, Session_13386152177546574.4.dr, 000003.log9.4.dr	String found in binary or memory: https://login.live.com/
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E002C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3658692703.000037280078C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com/Me.srf?wa=wsignin1.0&idpflag=indirect&id=12&wreply=
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com/X-Omnibox-On-Device-SuggestionsX-GoogApps-Allowed-Domains
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E002C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3658692703.000037280078C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.live.com/forgetuser
Source: msedgewebview2.exe, 00000020.00000003.3689254646.0000372800AD5000.00000004.00000800.00020000.00000000.sdmp, Session_13386152177546574.4.dr	String found in binary or memory: https://login.microsoftonline.com
Source: msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp, Session_13386152177546574.4.dr, 000003.log9.4.dr	String found in binary or memory: https://login.microsoftonline.com/
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E002C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/common
Source: msedgewebview2.exe, 00000020.00000003.3691964929.0000070E0072A000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/common/
Source: msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E002C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3658692703.000037280078C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/forgetuser
Source: msedgewebview2.exe, 00000020.00000003.3689254646.0000372800AD5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/logout.srf
Source: msedgewebview2.exe, 00000020.00000003.3649596983.0000372800B38000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/logout.srfxs
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E002C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3658692703.000037280078C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com/savedusers?wreply=
Source: msedgewebview2.exe, 00000020.00000003.3649596983.0000372800B38000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.com8s
Source: msedgewebview2.exe, 00000020.00000003.4063754267.0000070E00A09000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.de
Source: msedgewebview2.exe, 00000020.00000003.4063754267.0000070E00A09000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.us
Source: msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.microsoftonline.us/
Source: msedgewebview2.exe, 00000020.00000003.3707985091.0000070E00A1B000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.partner.microsoftonline.cn/
Source: msedgewebview2.exe, 00000020.00000003.3707985091.0000070E00A0B000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4063754267.0000070E00A09000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673592338.0000372801674000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.windows-ppe.net
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00E42000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.local
Source: WebViewHost.exe, 00000019.00000002.4134338468.000002305D3E7000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4301299562.0000020DFA4E0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.local/
Source: msedgewebview2.exe, 0000001A.00000002.4149640208.0000020D8594D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.net
Source: msedgewebview2.exe, 0000001A.00000002.4149640208.0000020D8594D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://login.windows.net/
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3661278892.0000372800DF0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://m365.cloud.microsoft
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://m365.cloud.microsoftx
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp, Reporting and NEL.30.dr	String found in binary or memory: https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=NE
Source: f1215887448.exe	String found in binary or memory: https://mail.google.com
Source: msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://microsoft.microsoftofficehub/
Source: msedgewebview2.exe, 0000001E.00000002.4146625319.000000E000860000.00000004.00000800.00020000.00000000.sdmp, data_1.30.dr	String found in binary or memory: https://microsoft365.com
Source: msedgewebview2.exe, 0000001A.00000002.4397296955.00005B5800D9C000.00000004.00000800.00020000.00000000.sdmp, 504b2d47b30479ba_0.26.dr, fb1034114cace2e7_0.26.dr, 8987ac9563f39432_0.26.dr, c5bbc5ad14d4e4d9_0.26.dr	String found in binary or memory: https://microsoft365.com/
Source: msedgewebview2.exe, 0000001A.00000002.4397296955.00005B5800D9C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://microsoft365.com/ndows/newsbar
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4397296955.00005B5800D9C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://microsoft365.com/om/
Source: msedgewebview2.exe, 0000001A.00000002.4397296955.00005B5800D9C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://microsoft365.com/om/Target.detachedFromTarget
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://msn.cn/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://msn.com/
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://nextdns.io/privacy
Source: msedgewebview2.exe, 0000001A.00000003.3532385240.00005B580081B000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4435751310.00003728008CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4425525077.000037280029C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ntp.msn.cn/
Source: msedgewebview2.exe, 0000001A.00000003.3532385240.00005B580081B000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4325329274.00005B5800284000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4435751310.00003728008CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4425525077.000037280029C000.00000004.00000800.00020000.00000000.sdmp, 000003.log5.4.dr, 000003.log9.4.dr	String found in binary or memory: https://ntp.msn.com/
Source: msedgewebview2.exe, 00000020.00000003.3643135252.000037280089C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ntp.www.office.com/
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://odvr.nic.cz/doh
Source: msedgewebview2.exe, 00000020.00000003.3796966811.00003728009D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3687869782.00003728017FB000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673486151.00003728007A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://office.visualstudio.com/OC/_git/M365AdminUX?path=%2Fmodules%2Fhvc-loader
Source: msedgewebview2.exe, 00000020.00000003.3796966811.00003728009D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3687869782.00003728017FB000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3673486151.00003728007A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://office.visualstudio.com/OC/_workitems/edit/2364251
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://officehome.cdn.office.net/officestartbundles/park-bundle-icon-48-blue-background.png
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://officehome.cdn.office.net/officestartbundles/park-bundle-icon-48-blue-background.pngp
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://officehome.cdn.office.net/officestartbundles/park-bundle-icon-48-blue-background.pngpi
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://officehome.cdn.office.net/officestartbundles/park-bundle-icon-96-blue-background.png
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://officehome.cdn.office.net/officestartbundles/park-bundle-icon-96-blue-background.png6
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://officehome.cdn.office.net/officestartbundles/park-bundle-icon-96-blue-background.png65
Source: msedgewebview2.exe, 00000020.00000003.3660962634.0000372800DC8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3652203141.000037280132C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp, Session_13386152177546574.4.dr, 000003.log7.4.dr, 011d9751-92d8-4842-80cf-8ddcc2b4f0a4.tmp.5.dr	String found in binary or memory: https://onedrive.live.com
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3652203141.000037280132C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://onedrive.live.com/browser?app=MetaOS&fileBrowser=
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://onedrive.live.comt
Source: msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook-1.cdn.office.net/yammer/20211004001.2745867/images/YammerLogo-dccc609aadb29dbd2a112a
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook-sdf.office.com
Source: msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook-sdf.office.com/hosted/calendar/prepare?&cspoff&features=prepare-hubEnabled
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook-sdf.office.com/tasks?app&branch=anvm-metaos-auth
Source: msedgewebview2.exe, 00000020.00000003.3676530808.00003728016F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C54000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com
Source: msedgewebview2.exe, 00000020.00000003.3661015974.0000372800DCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3650176297.0000372800BAC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/actionsb2netcore
Source: msedgewebview2.exe, 00000020.00000003.3650176297.0000372800BAC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/actionsb2netcore(7X
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/hN
Source: msedgewebview2.exe, 00000020.00000003.3661015974.0000372800DCC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/hosted/semanticoverview
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/hosted/semanticoverview?hostApp=hub&isanonymous=true&features=immersive-b
Source: msedgewebview2.exe, 00000020.00000003.3658863124.0000372800C30000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office.com/semanticoverview/m365ChatSSO
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office365.com/connectors
Source: msedgewebview2.exe, 00000020.00000003.3650176297.0000372800BAC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://outlook.office365.com/connectorsH
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ow2.res.office365.com/todo/358299_2.43.2/icons/logo.png
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ow2.res.office365.com/todo/362889_2.44/favicon.ico
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ow2.res.office365.com/todo/362889_2.44/favicon.icot
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://ow2.res.office365.com/todo/362889_2.44/favicon.icoteC
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/AddSession
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/AuthSubRevokeToken
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/ClientLogin
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/GetCheckConnectionInfo
Source: msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/GetCheckConnectionInfo?source=ChromiumBrowser
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/GetUserInfo
Source: msedgewebview2.exe, 0000001A.00000002.4363292154.00005B5800850000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/ListAccounts?json=standard
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/Logout
Source: msedgewebview2.exe, 0000001A.00000002.4398075178.00005B5800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/Logout?source=ChromiumBrowser&continue=https://permanently-remov
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4392999807.00005B5800B84000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/MergeSession
Source: msedgewebview2.exe, 0000001A.00000002.4392999807.00005B5800B84000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/MergeSessionhttps://permanently-removed.invalid/oauth/multilogin
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/OAuthGetAccessToken
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/OAuthLogin
Source: msedgewebview2.exe, 0000001A.00000002.4392210046.00005B5800B50000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/OAuthLogin?source=ChromiumBrowser&issueuberauth=1
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/OAuthWrapBridge
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/ServiceLogin
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/ServiceLoginAuth
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/ServiceLoginhttps://permanently-removed.invalid/ServiceLoginAuth
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/TokenAuth
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/chrome/blank.htmlhttps://permanently-removed.invalid/MergeSessio
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/devicemanagement/data/api
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/reauth/chromeos
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/setup/chrome/usermenu
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/setup/kidsignin/chromeos
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/setup/kidsignup/chromeos
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/setup/v2/chromeos
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/setup/windows
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/setup/windowshttps://permanently-removed.invalid/embedd
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/xreauth/chrome
Source: msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/embedded/xreauth/chromehttps://permanently-removed.invalid/embed
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop
Source: msedgewebview2.exe, 0000001A.00000002.4327134046.00005B580029C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4426214041.00003728002BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB
Source: msedgewebview2.exe, 00000020.00000002.4426214041.00003728002BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB7(
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/https://permanently-removed.invalid/
Source: msedgewebview2.exe, 0000001A.00000002.4335077783.00005B580036C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/https://permanently-removed.invalid/https://permanently-removed.
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/o/oauth/GetOAuthToken/
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/o/oauth/GetOAuthToken/https://permanently-removed.invalid/GetChe
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/o/oauth2/auth
Source: msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4392999807.00005B5800B84000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
Source: msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/oauth/multiloginhttps://permanently-removed.invalid/MergeSession
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
Source: msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/oauth2/v4/tokenX
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
Source: msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/--embedded-browser-webview=1
Source: msedgewebview2.exe, 0000001A.00000002.4341797036.00005B580063C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/safebrowsing/uploads/scan
Source: msedgewebview2.exe, 0000001A.00000002.4341797036.00005B580063C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/safebrowsing/uploads/scanenterprise_connectors.file_system.box.f
Source: msedgewebview2.exe, 0000001A.00000002.4323421004.00005B580024C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4423764800.0000372800248000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/signin/chrome/sync?ssp=1
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/v1/events
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
Source: msedgewebview2.exe, 0000001A.00000002.4336634070.00005B5800398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/v1/issuetokenhttps://permanently-removed.invalid/reauth/v1beta/u
Source: msedgewebview2.exe, 0000001A.00000002.4347482879.00005B58006D4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://permanently-removed.invalid/v1:GetHints
Source: msedgewebview2.exe, 00000020.00000003.3735805253.0000372800AD5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://portal.office.com/EditProfile15.aspx?ServiceID=LanguageItem
Source: msedgewebview2.exe, 00000020.00000003.3689254646.0000372800AD5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://portal.office.com/account?username=
Source: msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://products.office.com/en-us/sharepoint/collaboration
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://public.dns.iij.jp/
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://public.dns.iij.jp/dns-query
Source: msedgewebview2.exe, 00000020.00000003.3713644241.0000070E00AC6000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: msedgewebview2.exe, 00000020.00000003.3673438720.00003728007AC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://reactjs.org/docs/refs-and-the-dom.html#callback-refs
Source: msedgewebview2.exe, 00000020.00000003.3686469713.00003728017C0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://redux.js.org/Errors?code=
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1-cdn.azureedge.eaglex.ic.gov
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1-cdn.azureedge.microsoft.scloud
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1-dod.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1-gcch.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.
Source: msedgewebview2.exe, 00000020.00000002.4433706777.00003728006FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res-1.cdn.office.net"
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00D54000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/
Source: msedgewebview2.exe, 00000020.00000003.3674433415.00003728016BC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/leelawadeeui-thai/leela
Source: msedgewebview2.exe, 00000020.00000003.4060674151.0000070E00642000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-arabic/segoeui-
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-armenian/segoeu
Source: msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-cyrillic/segoeu
Source: msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-easteuropean/se
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-georgian/segoeu
Source: msedgewebview2.exe, 00000020.00000002.4454580875.00003728020B0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-greek/segoeui-b
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D55000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4454580875.00003728020B0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-greek/segoeui-l
Source: msedgewebview2.exe, 00000020.00000002.4454580875.00003728020B0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-greek/segoeui-r
Source: msedgewebview2.exe, 00000020.00000002.4454580875.00003728020B0000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-greek/segoeui-s
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00D56000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-hebrew/segoeui-
Source: msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-vietnamese/sego
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/segoeui-westeuropean/se
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/selawik/selawik-bold.wo
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/selawik/selawik-light.w
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/selawik/selawik-regular
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/selawik/selawik-semibol
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00D57000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20230815.002/assets/fonts/selawik/selawik-semilig
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E00442000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/files/fabric-cdn-prod_20241029.001/assets/item-types/
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/officehub/versionless/preinstalledapps/apps_512x512.png
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/officehub/versionless/preinstalledapps/apps_512x512.pnge
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/officehub/versionless/preinstalledapps/apps_512x512.pngel
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-1.cdn.office.net/shellux/onedrive_24x.48ff325b96939ffeb92ab7ba4dc237d1.svg
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-2-dev.cdn.officeppe.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-2-dod.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-2-gcch.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-2-h3.public.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-2-h3.sdf.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-3.cdn.partner.office365.cn
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-4.cdn.partner.office365.cn
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-cn.cdn.partner.office365.cn
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-dev.cdn.officeppe.net
Source: msedgewebview2.exe, 00000020.00000003.3683706781.0000372801764000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-dod.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.3683706781.0000372801764000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-gcc.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.3683706781.0000372801764000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res-gcch.cdn.office.net
Source: msedgewebview2.exe, 0000001A.00000002.4392700047.00005B5800B78000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.
Source: msedgewebview2.exe, 0000001A.00000002.4392700047.00005B5800B78000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.ce.n
Source: msedgewebview2.exe, 00000020.00000003.3683706781.0000372801764000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00D6C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/files/fabric-cdn-prod_20241209.001
Source: msedgewebview2.exe, 00000020.00000003.3661410235.000037280160C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/midgard/versionless/officestarthtml/notice-0c1531089696de7b1258e2eaeb2ca5
Source: msedgewebview2.exe, 00000020.00000003.3635476065.000037280153C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, 504b2d47b30479ba_0.26.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/bundles/otel-logger-a79fa4a4c2580f67e6a9.js
Source: msedgewebview2.exe, 00000020.00000002.4428851388.0000372800365000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432964638.0000372800680000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433797341.0000372800704000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/bundles/pwaunauth-5f15b4fd4a.css
Source: msedgewebview2.exe, 00000020.00000002.4432964638.0000372800680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/bundles/pwaunauth-5f15b4fd4a.csseropPromiseoff2
Source: msedgewebview2.exe, 00000020.00000002.4432964638.0000372800680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/bundles/pwaunauth-5f15b4fd4a.csseropPromiseoff27(h
Source: msedgewebview2.exe, 00000020.00000003.3635476065.000037280153C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, fb1034114cace2e7_0.26.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/bundles/sharedscripts-939520eada.js
Source: msedgewebview2.exe, 00000020.00000002.4432964638.0000372800680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/bundles/sharedscripts-939520eada.js2c4c9a51f.js
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4431804281.0000372800614000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/calendardefaultstates-sprite-ee77e113cd.p
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/document-sprite-f8cd18cf2a.png
Source: msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/document-sprite-f8cd18cf2a.pngirective:
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/emptystate-sprite-general-236a6305cf.png
Source: msedgewebview2.exe, 00000020.00000002.4431804281.0000372800614000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/emptystate-sprite-general-darkmode-a7a65e
Source: msedgewebview2.exe, 00000020.00000002.4428628686.000037280034C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/lockup-mslogo-color-78c06e8898.png
Source: msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/lockup-mslogo-color-78c06e8898.pngtive:
Source: msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3611135790.0000372800654000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/new-consumer-experience/empty-state-pinne
Source: msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3611135790.0000372800654000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/new-consumer-experience/empty-state-recen
Source: msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3611135790.0000372800654000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/new-consumer-experience/empty-state-share
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/no-filesystem-access-6f5752c4c1.png
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/onedrive-pwa-4db088f12c.png
Source: msedgewebview2.exe, 00000020.00000002.4428628686.000037280034C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/rocksteady-pwa-unauth-frame-893830f459.pn
Source: msedgewebview2.exe, 00000020.00000002.4428851388.0000372800365000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/unauth-checkmark-image-1999f0bf81.png
Source: msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/unauth-checkmark-image-1999f0bf81.pnge:
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4433322876.00003728006B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/welcome-sprite-79cda18828.png
Source: msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/images/content/images/zero-docs-sprite-14795e957f.png
Source: msedgewebview2.exe, 00000020.00000003.3635476065.000037280153C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr, c5bbc5ad14d4e4d9_0.26.dr	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/main.98ea09751142c4c9a51f.js
Source: msedgewebview2.exe, 00000020.00000002.4432964638.0000372800680000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/main.98ea09751142c4c9a51f.js7(h
Source: msedgewebview2.exe, 00000020.00000002.4442902250.0000372800B18000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/main.f1158eacf5c
Source: msedgewebview2.exe, 00000020.00000002.4442902250.0000372800B18000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/main.f1158eacf5c5fcb05a81.css
Source: msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/main.f1158eacf5c5fcb05a81.cssjs
Source: msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/main.f1158eacf5c5fcb05a81.cssjs=
Source: msedgewebview2.exe, 0000001A.00000002.4382745511.00005B5800A50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/pwa-bootstrap.a613ee2e59792465e243.js
Source: msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/pwa-bootstrap.a613ee2e59792465e243.jspng
Source: msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/pwa-bootstrap.a613ee2e59792465e243.jstive:
Source: msedgewebview2.exe, 00000020.00000003.3636999155.0000372801555000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3620686087.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3736924536.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3615110761.0000372800A60000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3653604911.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr, 8987ac9563f39432_0.26.dr, data_1.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/vendors.0e384386f12fe5e98a78.js
Source: msedgewebview2.exe, 00000020.00000002.4434187063.000037280076C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3609624513.0000372800764000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/vendors.0e384386f12fe5e98a78.js243.js
Source: msedgewebview2.exe, 00000020.00000003.3620686087.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3736924536.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3615110761.0000372800A60000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3653604911.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartbundles/vendors.0e384386f12fe5e98a78.js7(
Source: msedgewebview2.exe, 00000020.00000003.3689254646.0000372800AD5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestarthtml/OSPO/NOTICE-a0580b88479bc941f2526005a51282a0606
Source: msedgewebview2.exe, 00000020.00000003.3661015974.0000372800DCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/copilot-m365-icon-color.svg
Source: msedgewebview2.exe, 00000020.00000003.3652203141.000037280132C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/copilot-m365-icon-color.svg(M
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/copilot_24_light_and_dark.svg
Source: msedgewebview2.exe, 00000020.00000003.3661015974.0000372800DCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/m365-copilot-new-logo.svg
Source: msedgewebview2.exe, 00000020.00000003.3652203141.000037280132C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/m365-copilot-new-logo.svgPM
Source: msedgewebview2.exe, 00000020.00000003.3661015974.0000372800DCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/m365chat-icon-color.svg
Source: msedgewebview2.exe, 00000020.00000003.3652203141.000037280132C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/m365chat-icon-color.svg0M
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/m365copilot-icon_light_and_dark.svg
Source: msedgewebview2.exe, 00000020.00000003.3642108583.00003728012FC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.cdn.office.net/officehub/officestartresources/monoline-icons/copilot.png
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E00282000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432720757.0000372800662000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3611135790.0000372800654000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://res.cdn.office.net/officehub/versionless/officehome/thirdpartynotice.html
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.df.onecdn.static.microsoft
Source: msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.public.onecdn.static.microsoft
Source: msedgewebview2.exe, 00000020.00000003.3683706781.0000372801764000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.4083310647.0000070E00BB2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://res.sdf.cdn.office.net
Source: msedgewebview2.exe, 00000020.00000003.3735805253.0000372800AD5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://scuprodprv.m365.cloud.microsoft/login?es=Click&ru=/
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://scuprodprv.www.office.com/m365apps/07b75f22-72b5-4063-b7fc-0ed5ea8ff3ff/launchcontent?flight
Source: msedgewebview2.exe, 0000001E.00000003.3569574732.000000E000350000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3751181752.000037280077C000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://signup.live.com/signup?mkt=en-CH&uiflavor=app&lw=1&fl=easi2&client_id=514833
Source: msedgewebview2.exe, 00000020.00000003.3790817355.0000372800C28000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://signup.live.com/signup?mkt=en-CH&uiflavor=app&lw=1&fl=easi2&client_id=51483342-085c-4d86-bf8
Source: msedgewebview2.exe, 00000020.00000002.4431804281.0000372800614000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://spoppe-b.azureedge.net
Source: msedgewebview2.exe, 00000020.00000002.4433797341.0000372800704000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://spoppe-b.azureedge.net;
Source: msedgewebview2.exe, 00000020.00000002.4433613195.00003728006EC000.00000004.00000800.00020000.00000000.sdmp, data_3.30.dr	String found in binary or memory: https://spoppe-b.azureedge.net;connect-src
Source: f1215887448.exe	String found in binary or memory: https://ssl.gstatic.com/ui/v1/icons/mail/gm3/1x/info_fill_baseline_n900_20dp.png
Source: f1215887448.exe	String found in binary or memory: https://ssl.gstatic.com/ui/v1/icons/mail/gm3/1x/info_fill_baseline_n900_20dp.pngP(Z
Source: f1215887448.exe	String found in binary or memory: https://ssl.gstatic.com/ui/v1/icons/mail/gm3/2x/inbox_fill_white_20dp.png
Source: f1215887448.exe	String found in binary or memory: https://ssl.gstatic.com/ui/v1/icons/mail/gm3/2x/inbox_fill_white_20dp.pngP(Z
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://static2.sharepointonline.com/files/fabric-cdn-prod_20200430.002/assets/brand-icons/product/p
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://substrate.office.com/
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://substrate.office.com/7(
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://substrate.office.com/search
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C54000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://substrate.office.com/sigsapi/v1.0/Me/Signals
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://support.google.com/chrome/?p=plugin_flash
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://support.google.com/chrome/?p=plugin_flashhttps://support.google.com/chrome/answer/6258784
Source: msedgewebview2.exe, 0000001A.00000002.4337616167.00005B58003C8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://support.google.com/chrome/answer/6258784
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://td.doubleclick.net
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://teams.adatum.com/
Source: msedgewebview2.exe, 00000020.00000003.4063008806.0000070E00A0E000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://tools.ietf.org/html/rfc7515
Source: msedgewebview2.exe, 0000001A.00000002.4298029642.0000020DFA487000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://unitedstates1.ss.wd.microsoft.us
Source: msedgewebview2.exe, 0000001A.00000002.4298029642.0000020DFA487000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://unitedstates2.ss.wd.microsoft.us
Source: msedgewebview2.exe, 0000001A.00000002.4298029642.0000020DFA487000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://unitedstates2.ss.wd.microsoft.uscHi
Source: msedgewebview2.exe, 0000001A.00000002.4298029642.0000020DFA487000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://unitedstates4.ss.wd.microsoft.us
Source: msedgewebview2.exe, 00000020.00000003.3650176297.0000372800BAC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://urlp-v2.asm.skype.com
Source: msedgewebview2.exe, 00000020.00000003.3659920382.0000372800D90000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://urlp-v2.asm.skype.com/
Source: msedgewebview2.exe, 00000020.00000003.3659017619.0000372800D44000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3650176297.0000372800BAC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://urlp.asm.skype.com/v1/url/content?url=
Source: msedgewebview2.exe, 00000020.00000003.3650176297.0000372800BAC000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://urlp.asm.skype.com/v1/url/content?url=h
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://validurl.adatum.com
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://validurl2.adatum.com
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E003C2000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://web.yammer.com/teams
Source: msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://web.yammer.com/teams/feed?client=office
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://web.yammer.com/teamsM
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://web.yammer.com/teamsMsJ
Source: msedgewebview2.exe, 00000020.00000002.4430143428.00003728003BB000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.cn/
Source: msedgewebview2.exe, 00000020.00000003.3643135252.000037280089C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://windows.msn.com/
Source: 000005.ldb.4.dr, 000003.log9.4.dr	String found in binary or memory: https://www.amazon.com/
Source: msedgewebview2.exe, 0000001E.00000002.4139504583.000000E000644000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.cisco.com/c/en/us/about/legal/privacy-full.html
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.contoso.com
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.contososuites.com
Source: msedgewebview2.exe, 00000020.00000003.4085777002.0000070E00442000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.ftc.go.kr/bizCommPop.do?wrkr_no=1208105948
Source: chromecache_726.14.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr, Tabs_13386152178519863.4.dr, 000003.log7.4.dr	String found in binary or memory: https://www.google.com
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_726.14.dr, chromecache_642.14.dr, chromecache_682.14.dr, chromecache_747.14.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: msedgewebview2.exe, 0000001F.00000002.4119143724.00003E0C0023C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3737418924.0000372801BB4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4428851388.0000372800365000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432047059.000037280062C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4437702176.0000372800924000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4425525077.000037280029C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com
Source: msedgewebview2.exe, 00000020.00000002.4439384971.0000372800974000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com)
Source: msedgewebview2.exe, 00000020.00000002.4432047059.000037280062C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com)#(7
Source: msedgewebview2.exe, 0000001F.00000002.4127883946.00003E0C00364000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3652142239.0000372801554000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3636999155.0000372801555000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4441669024.0000372800A3C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3620686087.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3736924536.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4428851388.0000372800365000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432047059.000037280062C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3615110761.0000372800A60000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3653604911.0000372800ABC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4442902250.0000372800B18000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4428628686.000037280034C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3635476065.000037280153C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/
Source: msedgewebview2.exe, 0000001A.00000002.4397296955.00005B5800D9C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/om/
Source: msedgewebview2.exe, 00000020.00000002.4441005098.0000372800A2C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4432964638.0000372800680000.00000004.00000800.00020000.00000000.sdmp, data_1.30.dr, History.26.dr	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromise
Source: msedgewebview2.exe, 0000001A.00000003.3572702840.00005B5800F15000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001E.00000002.4118482566.000000E000298000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromise/
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromise65e243.js
Source: msedgewebview2.exe, 00000020.00000003.3623808908.0000372800A30000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromise7(
Source: WebViewHost.exe, 00000019.00000002.4131015680.000002305D34C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseDLL
Source: msedgewebview2.exe, 0000001A.00000002.4406731914.00005B580100C000.00000004.00000800.00020000.00000000.sdmp, History.26.dr	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseOffice
Source: msedgewebview2.exe, 0000001A.00000002.4366887438.00005B58008A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseX
Source: msedgewebview2.exe, 0000001A.00000002.4401650662.00005B5800EB4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseblob
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromisecc:531
Source: WebViewHost.exe, 00000019.00000002.4140350968.00002EEA0029C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseembedded_browser.
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseerrlt
Source: msedgewebview2.exe, 0000001A.00000002.4401650662.00005B5800EB4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromisehttps
Source: msedgewebview2.exe, 0000001A.00000002.4366887438.00005B58008A4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4401650662.00005B5800EB4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3623808908.0000372800A30000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4441005098.0000372800A2C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromisehttps://www.micro
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromisen
Source: msedgewebview2.exe, 0000001A.00000002.4366887438.00005B58008A4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromisename
Source: msedgewebview2.exe, 0000001A.00000002.4344177127.00005B580067C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromiseon
Source: msedgewebview2.exe, 0000001A.00000002.4329438128.00005B58002D8000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwa?version=18.2411.1163.0&capabilities=interopPromises
Source: WebViewHost.exe, 00000019.00000002.4103065265.000002305B000000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.com/pwaa
Source: msedgewebview2.exe, 0000001A.00000002.4392999807.00005B5800B8A000.00000004.00000800.00020000.00000000.sdmp, 42c67046-2eb1-4716-9c9b-f43187cdcf2b.tmp.26.dr, 6e563428-bbec-469e-9b24-d1f4aac243c8.tmp.26.dr, b8f210ca-a139-4e05-8b32-7aab0f111e47.tmp.26.dr	String found in binary or memory: https://www.microsoft365.com:443
Source: msedgewebview2.exe, 00000020.00000002.4408388771.0000070E00282000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.comB43CD57AEC18876FDF1117FA204EB6301_
Source: WebViewHost.exe, 00000019.00000002.4103065265.000002305B000000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.comRESP
Source: msedgewebview2.exe, 0000001A.00000003.3569372799.00005B5800D20000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.comU
Source: msedgewebview2.exe, 00000020.00000002.4434407466.000037280082C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.microsoft365.comhmimeTypeitext/htmlmadFrameStatus
Source: msedgewebview2.exe, 00000020.00000002.4437966360.0000372800930000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.micrsoft365.com
Source: msedgewebview2.exe, 00000020.00000002.4437966360.0000372800930000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.micrsoft365.com/7(
Source: msedgewebview2.exe, 0000001A.00000002.4394147517.00005B5800C14000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.micrsoft365.com/pwa
Source: msedgewebview2.exe, 0000001E.00000002.4131252243.000000E000390000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.nic.cz/odvr/
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.northwindtraders.com/
Source: 000005.ldb.4.dr, 000003.log9.4.dr	String found in binary or memory: https://www.office.com/
Source: msedgewebview2.exe, 0000001A.00000002.4357518859.00005B58007B7000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/8
Source: msedgewebview2.exe, 0000001A.00000002.4142680603.0000020D83443000.00000002.00000001.00040000.00000026.sdmp	String found in binary or memory: https://www.office.com/Office
Source: msedgewebview2.exe, 00000020.00000003.3660903796.0000372800DC4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/park
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/parkr
Source: msedgewebview2.exe, 0000001A.00000002.4404377057.00005B5800FA4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/st
Source: msedgewebview2.exe, 0000001A.00000002.4404377057.00005B5800FA4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/st0IoX
Source: msedgewebview2.exe, 0000001A.00000002.4404377057.00005B5800FA4000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.office.com/w
Source: WebViewHost.exe, 00000019.00000002.4103065265.000002305B000000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://www.office.coma
Source: msedgewebview2.exe, 0000001E.00000002.4137011217.000000E00060C000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.quad9.net/home/privacy/
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C43000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.relecloud.com
Source: msedgewebview2.exe, 00000020.00000003.3641710040.00003728011C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4419120081.0000070E00FC2000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://www.yammer.com
Source: msedgewebview2.exe, 0000001A.00000002.4149640208.0000020D8594D000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4307307414.0000020DFC343000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com
Source: msedgewebview2.exe, 0000001A.00000002.4149640208.0000020D8594D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.com/P
Source: msedgewebview2.exe, 0000001A.00000002.4144282442.0000020D85523000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://xsts.auth.xboxlive.comm

Source: unknown	Network traffic detected: HTTP traffic on port 56274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59788
Source: unknown	Network traffic detected: HTTP traffic on port 56434 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59792
Source: unknown	Network traffic detected: HTTP traffic on port 59929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59793
Source: unknown	Network traffic detected: HTTP traffic on port 59906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56468 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56388 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56342 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59799
Source: unknown	Network traffic detected: HTTP traffic on port 59895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56297
Source: unknown	Network traffic detected: HTTP traffic on port 59792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56377 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56296
Source: unknown	Network traffic detected: HTTP traffic on port 59941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51604
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51602
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51607
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51606
Source: unknown	Network traffic detected: HTTP traffic on port 59815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56343 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56433 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56481 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56445 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51614
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51615
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51612
Source: unknown	Network traffic detected: HTTP traffic on port 53970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51613
Source: unknown	Network traffic detected: HTTP traffic on port 59975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51610
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51611
Source: unknown	Network traffic detected: HTTP traffic on port 56470 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56297 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56354 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56467 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56477
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59987
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56478
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56479
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56363
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59993
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56486
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56487
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56480
Source: unknown	Network traffic detected: HTTP traffic on port 51615 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56481
Source: unknown	Network traffic detected: HTTP traffic on port 60003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59871
Source: unknown	Network traffic detected: HTTP traffic on port 59954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56362
Source: unknown	Network traffic detected: HTTP traffic on port 56378 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59991
Source: unknown	Network traffic detected: HTTP traffic on port 56355 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56409 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56493 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56390 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56488
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59997
Source: unknown	Network traffic detected: HTTP traffic on port 56455 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56495
Source: unknown	Network traffic detected: HTTP traffic on port 56515 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56375
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56496
Source: unknown	Network traffic detected: HTTP traffic on port 59768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56497
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56377
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56493
Source: unknown	Network traffic detected: HTTP traffic on port 59804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56490
Source: unknown	Network traffic detected: HTTP traffic on port 56444 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56503 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56378
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56499
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56379
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56386
Source: unknown	Network traffic detected: HTTP traffic on port 59767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56388
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59896
Source: unknown	Network traffic detected: HTTP traffic on port 59805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59890
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56384
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59892
Source: unknown	Network traffic detected: HTTP traffic on port 56296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56466 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54285 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56268
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56275
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59785
Source: unknown	Network traffic detected: HTTP traffic on port 56432 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59784
Source: unknown	Network traffic detected: HTTP traffic on port 59827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56271
Source: unknown	Network traffic detected: HTTP traffic on port 59932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56272
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59780
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56273
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56274
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56390
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56270
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56391
Source: unknown	Network traffic detected: HTTP traffic on port 59999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53968
Source: unknown	Network traffic detected: HTTP traffic on port 59949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56431 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53970
Source: unknown	Network traffic detected: HTTP traffic on port 56472 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53976
Source: unknown	Network traffic detected: HTTP traffic on port 59800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56379 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56391 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56495 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56453 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56496 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56473 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56430 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56452 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60004
Source: unknown	Network traffic detected: HTTP traffic on port 59802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60003
Source: unknown	Network traffic detected: HTTP traffic on port 59985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60001
Source: unknown	Network traffic detected: HTTP traffic on port 56463 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60008
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60006
Source: unknown	Network traffic detected: HTTP traffic on port 56429 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60005
Source: unknown	Network traffic detected: HTTP traffic on port 59890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56428 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56497 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51611 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56451 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56486 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56337 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51599 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56462 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56508
Source: unknown	Network traffic detected: HTTP traffic on port 59992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56503
Source: unknown	Network traffic detected: HTTP traffic on port 59820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56505
Source: unknown	Network traffic detected: HTTP traffic on port 56269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56450 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56487 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56338 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56384 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56476 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51599
Source: unknown	Network traffic detected: HTTP traffic on port 59877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51598
Source: unknown	Network traffic detected: HTTP traffic on port 59983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56427 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56461 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51610 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56426 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56449 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56499 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56488 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59829
Source: unknown	Network traffic detected: HTTP traffic on port 51602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56505 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59949
Source: unknown	Network traffic detected: HTTP traffic on port 56477 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56433
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56434
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59944
Source: unknown	Network traffic detected: HTTP traffic on port 59875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59952
Source: unknown	Network traffic detected: HTTP traffic on port 56271 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56363 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56448
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56449
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56444
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56445
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56447
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56451
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56452
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56453
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59962
Source: unknown	Network traffic detected: HTTP traffic on port 59829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56450
Source: unknown	Network traffic detected: HTTP traffic on port 59955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56310 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56448 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56362 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54284 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56459
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56338
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59969
Source: unknown	Network traffic detected: HTTP traffic on port 59989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59968
Source: unknown	Network traffic detected: HTTP traffic on port 59914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56455
Source: unknown	Network traffic detected: HTTP traffic on port 56459 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59965
Source: unknown	Network traffic detected: HTTP traffic on port 56490 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56337
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56462
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56463
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56342
Source: unknown	Network traffic detected: HTTP traffic on port 59899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56343
Source: unknown	Network traffic detected: HTTP traffic on port 59828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59974
Source: unknown	Network traffic detected: HTTP traffic on port 56478 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59973
Source: unknown	Network traffic detected: HTTP traffic on port 59956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56461
Source: unknown	Network traffic detected: HTTP traffic on port 59887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59979
Source: unknown	Network traffic detected: HTTP traffic on port 60004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56466
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59976
Source: unknown	Network traffic detected: HTTP traffic on port 56309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56467
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56468
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56469
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56352
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56473
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56353
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56354
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56355
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56476
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56470
Source: unknown	Network traffic detected: HTTP traffic on port 51614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56472
Source: unknown	Network traffic detected: HTTP traffic on port 59806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56272 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59907
Source: unknown	Network traffic detected: HTTP traffic on port 59968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59909
Source: unknown	Network traffic detected: HTTP traffic on port 59945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59903
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56515
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59904
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59900
Source: unknown	Network traffic detected: HTTP traffic on port 59807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56447 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54283 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59918
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56409
Source: unknown	Network traffic detected: HTTP traffic on port 59818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59917
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59919
Source: unknown	Network traffic detected: HTTP traffic on port 60006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59910
Source: unknown	Network traffic detected: HTTP traffic on port 59913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59911
Source: unknown	Network traffic detected: HTTP traffic on port 59934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56479 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56352 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56469 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 59863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 59928

Source: unknown

HTTPS traffic detected: 104.16.99.29:443 -> 192.168.2.24:56495 version: TLS 1.2

Source: f1215887448.exe

Static PE information: No import functions for PE file found

Source: f1215887448.exe

Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: msedgewebview2.exe, 00000020.00000003.3644894267.0000372800E20000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: .SLNPROJH
Source: msedgewebview2.exe, 00000020.00000003.3658692703.00003728007A0000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: PXML",".PDS",".QUE",".R",".R3D",".RAF",".RAT",".RAW",".RC",".RC2",".RCT",".RD",".RDA",".RDATA",".RDP",".REG",".RELS",".RES",".RESMONCFG",".RESW",".RESX",".RGS",".RHTML",".RLE",".RLL",".RMARKDOWN",".RMD",".RMI",".RNW",".RPC",".RPRES",".RPROJ",".RQY",".RSP",".RTF",".RUL",".RULESET",".RUN",".RW2",".RWL",".RWZ",".S",".SAZ",".SBR",".SC2",".SCC",".SCCM.VAPPLAUNCER",".SCD",".SCH",".SCP",".SCR",".SCSS",".SCT",".SDL",".SED",".SETTINGCONTENT-MS",".SETTINGS",".SFCACHE",".SH",".SHPROJ",".SHTM",".SHTML",".SIT",".SITEMAP",".SKBRUSHES",".SKIN",".SLDM",".SLDX",".SLK",".SLN",".SLNPROJ",".SND",".SNIPPET",".SNK",".SOL",".SOLITAIRETHEME8",".SOR",".SPC",".SPL",".SQL",".SQLPROJ",".SR2",".SRF",".SRW",".SR_",".SST",".STM",".STVPROJ",".SUO",".SVC",".SVCLOG",".SVG",".SWF",".SYM",".SYMLINK",".SYS",".SY_",".TAB",".TAR",".TARGETS",".TDL",".TESTRUNCONFIG",".TESTSETTINGS",".TEX",".TEXT",".TGZ",".THEME",".THEMEPACK",".THMX",".THUMB",".TIF",".TIFF",".TLB",".TLH",".TLI",".TOD",".TRG",".TRX",".TS",".TSP",".TSV",".TSX",".TT",".TTC",".TTF",".TTS",".TVP",".TXT",".UDF",".UDL",".UDT",".UITEST",".URL",".USER",".USR",".UVU",".UXDC",".VB",".VBE",".VBHTML",".VBPROJ",".VBS",".VBX",".VCF",".VCP",".VCPROJ",".VCS",".VCW",".VCXITEMS",".VCXPROJ",".VDW",".VDX",".VHDPMEM",".VIW",".VOB",".VSCT",".VSD",".VSDM",".VSDX",".VSGLOG",".VSH",".VSHADER",".VSIX",".VSIXLANGPACK",".VSIXMANIFEST",".VSMDI",".VSP",".VSPROPS",".VSPS",".VSPSCC",".VSPX",".VSS",".VSSCC",".VSSETTINGS",".VSSM",".VSSSCC",".VSSX",".VST",".VSTEMPLATE",".VSTM",".VSTO",".VSTX",".VSX",".VSZ",".VTX",".VXD",".WAB",".WAV",".WAX",".WBCAT",".WBK",".WCX",".WDP",".WEBA",".WEBM",".WEBP",".WEBPNP",".WEBSITE",".WIZ",".WIZHTML",".WLL",".WLT",".WM",".WMA",".WMD",".WMDB",".WMF",".WMP",".WMS",".WMV",".WMX",".WMZ",".WPA",".WPAPK",".WPL",".WRI",".WRL",".WSC",".WSDL",".WSF",".WSH",".WSZ",".WTV",".WTX",".WVX",".X",".X3F",".XAML",".XBAP",".XDR",".XEVGENXML",".XHT",".XHTML",".XIX",".XLA",".XLAM",".XLB",".XLC",".XLD",".XLK",".XLL",".XLM",".XLS",".XLSB",".XLSHTML",".XLSM",".XLSMHTML",".XLSX",".XLT",".XLTHTML",".XLTM",".XLTX",".XLW",".XLXML",".XML",".XRM-MS",".XSC",".XSD",".XSL",".XSLT",".XSS",".XVID",".Z",".Z96",".ZIP",".ZFSENDTOTARGET",".ZOO",".ZPL"],function(e){e.InternalEmailAddress="Internal Email Address",e.ExternalEmailAddress="External Email Address",e.Directory="Directory",e.Url="Url",e.PIDKey="PID Key",e.MachineName="Machine Name",e.UserDomain="User Domain",e.Location="Location",e.FileNameOrExtension="File Name or Extension",e.UserName="User Name",e.UserAlias="User Alias",e.SiteUrl="Site Url",e.InScopeIdentifier="In Scope Identifier",e.DemographicInfoLanguage="Demographic Info Language",e.DemographicInfoCountryRegion="Demographic Info Country Region",e.UnknownGuid="Unknown Guid",e.UnknownHexLength16="Unknown Hex Length 16",e.UnknownHexLength64="Unknown Hex Length 64",e.AccountId="Account Id"}(i\|\|(i={}));class a{static InitializeComplianceChecksForTesting(e,t,o,r,i,a){this._userName=e,this._userAlias=t,this._userDomain=o.toLowerCase(),this._machineName=r.
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000003.3644894267.0000372800E20000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: .VBPROJ
Source: msedgewebview2.exe, 00000020.00000003.3644894267.0000372800E20000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000020.00000002.4408388771.0000070E002C2000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: .CSPROJ
Source: msedgewebview2.exe, 00000020.00000003.3658692703.00003728007A0000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: ".APPLICATION",".APPREF-MS",".APPX",".APPXBUNDLE",".APS",".ARC",".ARI",".ARJ",".ART",".ARW",".ASA",".ASAX",".ASC",".ASCX",".ASF",".ASHX",".ASM",".ASMX",".ASP",".ASPX",".ASX",".AU",".AVCI",".AVCS",".AVI",".AW",".BAS",".BAT",".BAY",".BCP",".BIN",".BKF",".BLG",".BMP",".BSC",".C",".CAMP",".CAP",".CAT",".CC",".CCPROJ",".CD",".CDA",".CDMP",".CDX",".CDXML",".CER",".CGM",".CHK",".CHM",".CLS",".CMD",".COD",".COFFEE",".COM",".COMPOSITEFONT",".CONFIG",".CONTACT",".COVERAGE",".CPL",".CPP",".CR2",".CRL",".CRT",".CRTX",".CRW",".CS",".CSA",".CSH",".CSHADER",".CSHTML",".CSPROJ",".CSS",".CSV",".CUR",".CXX",".DAT",".DATASOURCE",".DB",".DBG",".DBS",".DCR",".DCS",".DCT",".DCTX",".DCTXC",".DDS",".DEF",".DEPLOYPROJ",".DEPS",".DER",".DESKLINE",".DESKTHEMEPACK",".DET",".DEVICEMANIFEST-MS",".DEVICEMETADATA-MS",".DGML",".DIAGCAB",".DIAGCFG",".DIAGPKG",".DIAGSESSION",".DIB",".DIC",".DIFF",".DISCO",".DIVX",".DIZ",".DLL",".DL_",".DMP",".DNG",".DOC",".DOCHTML",".DOCM",".DOCMHTML",".DOCX",".DOCXML",".DOS",".DOT",".DOTHTML",".DOTM",".DOTX",".DQY",".DRF",".DRV",".DSGL",".DSH",".DSHADER",".DSN",".DSP",".DSW",".DTCP-IP",".DTD",".DVR-MS",".DWFX",".EASMX",".EC3",".EDMX",".EDRWX",".EIP",".ELM",".EMF",".EML",".EPRTX",".EPS",".EPUB",".ERF",".ETL",".ETP",".EVT",".EVTX",".EXC",".EXP",".EXT",".EX_",".EYB",".FAQ",".FBX",".FDM",".FFF",".FH",".FIF",".FILTERS",".FKY",".FLAC",".FND",".FNT",".FON",".FX",".GCSX",".GENERICTEST",".GHI",".GIF",".GLB",".GLOX",".GLTF",".GMMP",".GQSX",".GRA",".GROUP",".GRP",".GSH",".GSHADER",".GZ",".H",".HD3D",".HDMP",".HDP",".HEIC",".HEICS",".HEIF",".HEIFS",".HH",".HHC",".HLP",".HLSL",".HLSLI",".HOL",".HPP",".HPX",".HSH",".HSHADER",".HTA",".HTC",".HTM",".HTML",".HTT",".HTW",".HTX",".HXA",".HXC",".HXD",".HXE",".HXF",".HXH",".HXI",".HXK",".HXQ",".HXR",".HXS",".HXT",".HXV",".HXW",".HXX",".I",".IBQ",".ICC",".ICL",".ICM",".ICO",".ICS",".IDB",".IDL",".IDQ",".IIQ",".ILK",".IMC",".IMESX",".INC",".INF",".INI",".INL",".INV",".INX",".IN_",".IPP",".IQY",".ITRACE",".IVF",".JAR",".JAVA",".JBF",".JFIF",".JFR",".JOB",".JOD",".JPE",".JPEG",".JPG",".JPS",".JS",".JSE",".JSON",".JSONID",".JSPROJ",".JSX",".JTX",".JXR",".K25",".KCI",".KDC",".KDMP",".LABEL",".LACCDB",".LATEX",".LDB",".LESS",".LEX",".LGN",".LIB",".LIC",".LNK",".LOCAL",".LOG",".LPCM",".LST",".LZH",".M14",".M1V",".M2T",".M2TS",".M2V",".M3U",".M4A",".M4B",".M4P",".M4R",".M4V",".MAD",".MAF",".MAG",".MAK",".MAM",".MAN",".MANIFEST",".MAP",".MAPIMAIL",".MAQ",".MAR",".MARKDOWN",".MAS",".MASTER",".MAT",".MAU",".MAV",".MAW",".MD",".MDA",".MDB",".MDBHTML",".MDC",".MDE",".MDMP",".MDN",".MDP",".MDT",".MDTXT",".MDW",".MEF",".MFCRIBBON-MS",".MHT",".MHTML",".MID",".MIDI",".MK",".MK3D",".MKA",".MKV",".MLC",".MLPD",".MMF",".MOD",".MOS",".MOV",".MOVIE",".MP2",".MP2V",".MP3",".MP4",".MP4V",".MPA",".MPE",".MPEG",".MPG",".MPO",".MPV2",".MRW",".MS-LOCKSCREENCOMPONENT-PRIMARY",".MS-WINDOWS-STORE-LICENSE",".MSC",".MSEPUB",".MSG",".MSI",".MSIX",".MSIXBUNDLE",".MSP",".MSRCINCIDENT",".MSU",".MTS",".MTX",".MV",".MYDOCS",".NATVIS",".NCB",".NEF",".NFO","
Source: msedgewebview2.exe, 00000020.00000003.3644894267.0000372800E20000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: .SLN@
Source: msedgewebview2.exe, 00000020.00000003.4085578281.0000070E00C54000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: .SLNPROJ
Source: msedgewebview2.exe, 00000020.00000003.3644894267.0000372800E20000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: .VBPROJx

Source: classification engine

Classification label: mal48.evad.mine.winEXE@77/850@133/56

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

File created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Mutant created: NULL
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Mutant created: \Sessions\1\BaseNamedObjects\OFFICE_APP
Source: C:\Windows\System32\conhost.exe	Mutant created: \BaseNamedObjects\Local\SM0:5780:120:WilError_03

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

File created: C:\Users\user\AppData\Local\Temp\e28a42ff-6b7d-4c09-b5f6-628b916b7735.tmp

Jump to behavior

Source: f1215887448.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: unknown	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=1780,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=2028 /prefetch:11
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=4252 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8
Source: unknown	Process created: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe"
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared --mojo-named-platform-channel-pipe=7692.5272.14083559807100969314
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=100.0.4896.75 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=100.0.1185.36 --initial-client-data=0x138,0x13c,0x140,0x114,0x148,0x7ff9b4ffd840,0x7ff9b4ffd850,0x7ff9b4ffd860
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1884 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2068 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=7486409138 --mojo-platform-channel-handle=3392 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:1
Source: C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --string-annotations=is-enterprise-managed=no --field-trial-handle=6396,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=6388 /prefetch:12
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=6504,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=6368 /prefetch:14
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3964 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=4252 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=1780,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=2028 /prefetch:11	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --mojo-platform-channel-handle=4252 --field-trial-handle=2124,i,10053391895956124659,9107200704348804709,131072 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=1780,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=2028 /prefetch:11
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --string-annotations=is-enterprise-managed=no --field-trial-handle=6396,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=6388 /prefetch:12
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --field-trial-handle=6504,i,3371333862956838881,13380719388950832742,262144 --variations-seed-version=20250129-180207.876000 --mojo-platform-channel-handle=6368 /prefetch:14
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared --mojo-named-platform-channel-pipe=7692.5272.14083559807100969314
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=100.0.4896.75 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=100.0.1185.36 --initial-client-data=0x138,0x13c,0x140,0x114,0x148,0x7ff9b4ffd840,0x7ff9b4ffd850,0x7ff9b4ffd860
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1884 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2068 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=7486409138 --mojo-platform-channel-handle=3392 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:1

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: webview2loader.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: coremessaging.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: msvcp140.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: concrt140.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: uxtheme.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: dwmapi.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: msimg32.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: version.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: vcruntime140_1.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: vcruntime140.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: wininet.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: vcruntime140.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: vcruntime140_1.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: vcruntime140.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: msasn1.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: execmodelclient.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.shell.servicehostbuilder.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: execmodelproxy.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: wintypes.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.applicationmodel.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.staterepositorybroker.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.staterepositorycore.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: diagnosticdatasettings.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: policymanager.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: coreprivacysettingsstore.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.networking.connectivity.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: netprofm.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: npmproxy.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: iertutil.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: srvcli.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: netutils.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: sspicli.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.storage.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: profapi.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: mswsock.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: winnsi.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: cryptbase.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.web.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.ui.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.ui.immersive.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windowscodecs.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.storage.applicationdata.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: propsys.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: cfgmgr32.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: daxexec.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: userenv.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: container.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: ntmarta.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: apphelp.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: textinputframework.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: coreuicomponents.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: winhttp.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: profext.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: urlmon.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: dnsapi.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: fwpuclnt.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: schannel.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: dbghelp.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: systemsupportinfo.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: ncrypt.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: ntasn1.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: ncryptsslp.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: dpapi.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: cryptsp.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: rsaenh.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: windows.security.authentication.web.core.dll
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: version.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: diagnosticdatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: coreprivacysettingsstore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ffmpeg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: kbdus.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: diagnosticdatasettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: coreprivacysettingsstore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: twinapi.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: policymanager.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msvcp110_win.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: gpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: wkscli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: netutils.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mdmregistration.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: omadmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: powrprof.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: umpdc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: nlansp_c.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: textinputframework.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.storage.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: wintypes.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.ui.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: profapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mscms.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: wtsapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winsta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: netapi32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cfgmgr32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.security.authentication.onlineid.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.security.authentication.web.core.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: iertutil.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: srvcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.staterepositorycore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: usermgrproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: wldp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winnsi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: devobj.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: webio.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: propsys.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dataexchange.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: usermgrcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.media.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: atlthunk.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: oleacc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: directmanipulation.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: fwpuclnt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: schannel.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncryptsslp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptsp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: rsaenh.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptnet.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: wofutil.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dsreg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.system.launcher.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: vaultcli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: netprofm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: npmproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.web.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.system.userprofile.diagnosticssettings.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.networking.connectivity.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: diagnosticdataquery.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: bitsproxy.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ffmpeg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: kernel.appcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uxtheme.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dxgi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dxcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: directxdatabasehelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mf.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mfplat.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cfgmgr32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: rtworkq.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msmpeg2vdec.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mfperfhelper.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dxva2.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msvproc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: windows.staterepositorycore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dolbydecmft.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dwmapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: d3d11.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dcomp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: d3d10warp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ffmpeg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: nlansp_c.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dnsapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: rasadhlp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: fwpuclnt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncryptprov.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntmarta.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ffmpeg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: cryptbase.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winmm.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dbghelp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: iphlpapi.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: secur32.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: userenv.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ffmpeg.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dwrite.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: winhttp.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ncrypt.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: dhcpcsvc.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: sspicli.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: msasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: ntasn1.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Section loaded: wldp.dll

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A66AEDC-93C3-4ACC-BA96-08F5716429F7}\InProcServer32

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe

Key opened: \REGISTRY\WC\Silo740263f8-3de6-30be-85e9-e2439ba0ced5user_sid\Software\Microsoft\Office\OfficeHub

Source: f1215887448.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:

Source: f1215887448.exe

Static PE information: real checksum: 0x4c2bc should be: 0x3d914

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Registry key monitored for changes: \REGISTRY\WC\Silo740263f8-3de6-30be-85e9-e2439ba0ced5user_classes
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process information set: NOOPENFILEERRORBOX

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe TID: 3792

Thread sleep time: -30000s >= -30000s

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe

Key opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010409

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\Code Cache\wasm FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\Code Cache\js FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\blob_storage\bde81ff8-bbf9-408d-b08a-0cb75447c289 FullSizeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File Volume queried: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\Cache\Cache_Data FullSizeInformation

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\6e563428-bbec-469e-9b24-d1f4aac243c8.tmp
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	File opened: C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\Preferences

Source: msedgewebview2.exe, 0000001A.00000002.4339209830.00005B58003E8000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: X[USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&fe07fb&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=fee0907f-2262-4bc9-a9f4-29739887cecbacheC:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Default\Bookmarks
Source: msedgewebview2.exe, 0000001A.00000002.4296012776.0000020DFA44D000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWta@{B
Source: msedgewebview2.exe, 0000001A.00000002.4339209830.00005B58003E8000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&fe07fb&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=fee0907f-2262-4bc9-a9f4-29739887cecb
Source: msedgewebview2.exe, 0000001A.00000002.4403140050.00005B5800F58000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: VMware Virtual USB Mouseprofile.last_time_obsolete_http_credentials_removed
Source: WebViewHost.exe, 00000019.00000002.4116526098.000002305B0AB000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWio@
Source: msedgewebview2.exe, 0000001E.00000002.4149632632.00000221A6013000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWex%SystemRoot%\system32\mswsock.dll--embedded-browser-webview=1--embedded-browser-webview-dpi-awareness=2--mojo-platform-channel-handle=2068--field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072--enable-features=msSingleSignOnOSForPrimary
Source: WebViewHost.exe, 00000019.00000002.4127385492.000002305D313000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4305624536.0000020DFC326000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWf
Source: msedgewebview2.exe, 0000001A.00000002.4331438776.00005B5800330000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: r.com/aVMware
Source: WebViewHost.exe, 00000019.00000002.4127385492.000002305D313000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 0000001A.00000002.4293919167.0000020DFA426000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAWen-USn

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe

Process queried: DebugPort

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Memory allocated: page read and write | page guard

Jump to behavior

HIPS / PFW / Operating System Protection Evasion

Maps a DLL or memory area into another process

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Section loaded: NULL target: C:\Program Files (x86)\Microsoft\Edge\Application\100.0.1185.36\identity_helper.exe protection: readonly

Jump to behavior

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared --mojo-named-platform-channel-pipe=7692.5272.14083559807100969314
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=100.0.4896.75 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=100.0.1185.36 --initial-client-data=0x138,0x13c,0x140,0x114,0x148,0x7ff9b4ffd840,0x7ff9b4ffd850,0x7ff9b4ffd860
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1884 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2068 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\EBWebView" --webview-exe-name=WebViewHost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=7486409138 --mojo-platform-channel-handle=3392 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=msSingleSignOnOSForPrimaryAccountIsShared /prefetch:1

Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=mssinglesignonosforprimaryaccountisshared --mojo-named-platform-channel-pipe=7692.5272.14083559807100969314
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=100.0.4896.75 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=100.0.1185.36 --initial-client-data=0x138,0x13c,0x140,0x114,0x148,0x7ff9b4ffd840,0x7ff9b4ffd850,0x7ff9b4ffd860
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1884 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-us --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2068 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-us --service-sandbox-type=utility --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-us --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=7486409138 --mojo-platform-channel-handle=3392 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:1
Source: C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2411.1163.0_x64__8wekyb3d8bbwe\WebViewHost.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --enable-features=mssinglesignonosforprimaryaccountisshared --mojo-named-platform-channel-pipe=7692.5272.14083559807100969314
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=100.0.4896.75 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=100.0.1185.36 --initial-client-data=0x138,0x13c,0x140,0x114,0x148,0x7ff9b4ffd840,0x7ff9b4ffd850,0x7ff9b4ffd860
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=uaaaaaaaaadgaaayaaaaaaaaaaaaaaaaaabgaaaaaaawaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaegaaaaaaaaasaaaaaaaaaayaaaaagaaabaaaaaaaaaagaaaaaaaaaaqaaaaaaaaaaaaaaaoaaaaeaaaaaaaaaabaaaadgaaaagaaaaaaaaacaaaaaaaaaa= --mojo-platform-channel-handle=1884 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-us --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2068 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-us --service-sandbox-type=utility --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2332 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Process created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\100.0.1185.36\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\local\packages\microsoft.microsoftofficehub_8wekyb3d8bbwe\localstate\ebwebview" --webview-exe-name=webviewhost.exe --webview-exe-version=18.2411.1163.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-us --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=7486409138 --mojo-platform-channel-handle=3392 --field-trial-handle=1940,i,10447704658551006847,4740937541044747648,131072 --enable-features=mssinglesignonosforprimaryaccountisshared /prefetch:1

Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\Trust Protection Lists\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\WidevineCdm\manifest.json VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\MEIPreload\preloaded_data.pb VolumeInformation
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe	Queries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	1 Command and Scripting Interpreter	1 DLL Side-Loading	111 Process Injection	1 Masquerading	OS Credential Dumping	1 Query Registry	Remote Services	1 Archive Collected Data	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	1 DLL Side-Loading	2 Virtualization/Sandbox Evasion	LSASS Memory	11 Security Software Discovery	Remote Desktop Protocol	Data from Removable Media	1 Non-Standard Port	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	1 Disable or Modify Tools	Security Account Manager	2 Virtualization/Sandbox Evasion	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Ingress Tool Transfer	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	111 Process Injection	NTDS	1 Remote System Discovery	Distributed Component Object Model	Input Capture	4 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	Launchd	Network Logon Script	Network Logon Script	1 DLL Side-Loading	LSA Secrets	1 File and Directory Discovery	SSH	Keylogging	5 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	Steganography	Cached Domain Credentials	23 System Information Discovery	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report
f1215887448.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Cryptography

Bitcoin Miner

Compliance

Spreading

Networking

System Summary

Data Obfuscation

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report f1215887448.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Cryptography

Bitcoin Miner

Compliance

Spreading

Networking

System Summary

Data Obfuscation

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Windows Analysis Report
f1215887448.exe