Windows Analysis Report
https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9

General Information

Sample URL:	https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9
Analysis ID:	1711299
Infos:

Detection

Score:	2
Range:	0 - 100
Confidence:	80%

Signatures

Detected suspicious crossdomain redirect

HTML body contains low number of good links

HTML title does not match URL

HTTP GET or POST without a user agent

Classification

Signatures

HTML body contains low number of good links

Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true

HTTP Parser: Number of links: 0

HTML title does not match URL

HTTP Parser: Title: Sign in to your account does not match URL

HTTP Parser: <input type="password" .../> found

Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49724 version: TLS 1.2

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: goldstonemanagment-my.sharepoint.com to https://login.microsoftonline.com:443/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5fid=00000003%2d0000%2d0ff1%2dce00%2d000000000000&response%5fmode=form%5fpost&response%5ftype=code%20id%5ftoken&resource=00000003%2d0000%2d0ff1%2dce00%2d000000000000&scope=openid&nonce=ce2e5519f6c3feffb0acff29f2ceb805deb5fb86ed78c639%2d19a748356579eb0dd834b8dd2337f923a05b9c03231bb41feba67846d6c4ba12&redirect%5furi=https%3a%2f%2fgoldstonemanagment%2dmy%2esharepoint%2ecom%2f%5fforms%2fdefault%2easpx&state=od0w&claims=%7b%22id%5ftoken%22%3a%7b%22xms%5fcc%22%3a%7b%22values%22%3a%5b%22cp1%22%5d%7d%7d%7d&wsucxt=1&cobrandid=11bd8083%2d87e0%2d41b5%2dbb78%2d0bc43c8a8e8a&client%2drequest%2did=e5cfa6a1%2de048%2d9000%2d00c3%2d6510b75557a4

HTTP GET or POST without a user agent

Source: global traffic

HTTP traffic detected: POST /OneCollector/1.0?cors=true&content-type=application%2Fx-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=c498711f02654edca8a715ca6e1cb4d4-dc31da17-845c-4cca-84e5-547d05dad708-6945&upload-time=1749575335084&w=0&anoncknm=al_app_anon&NoResponseBody=true HTTP/1.1host: browser.events.data.msn.cnaccept-encoding: identitycontent-length: 3745content-type: application/json; charset=UTF-8cache-control: no-cache

Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 23.223.209.79
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.4
Source: unknown	TCP traffic detected without corresponding DNS query: 104.117.182.209
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.4

Source: global traffic	HTTP traffic detected: GET /:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
Source: global traffic	HTTP traffic detected: GET /_layouts/15/1033/styles/error.css?rev=tF7fyfzbaQzNoASoSDlV4A%3D%3DTAG505 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,/;q=0.1sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: stylereferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
Source: global traffic	HTTP traffic detected: GET /_layouts/15/1033/styles/corev15.css?rev=tJSIZchOAVdu3jcvNxysgA%3D%3DTAG505 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,/;q=0.1sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: stylereferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=sr6F3K1Q0GRnD4wb9zrBwPoIvMbEPt-0JaQtZ2Mb3Vn2jVfVgDPU9iKIjfhaW45AYSHlsItWnMQ9vXt_5XC8Wa94u7DJVAawj0-l3jAC6jqDqnCcBHNZcDxMBtl8o-JdbhH7frf9kRm-3KWrGoLkADokDa52GtzlZfPjpXW-t1fMGv_aGr6wfkV8c_9o3aJX0&t=2a9d95e3 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=LGCbvPqDWr6NGAoANcpURE6wX-2D5oGrf28m_P6v5AWqox645ulKE4STbYM8PekIOxkIg8mD9pD-iLx71QtT44qTiD8Gi7tXKkfQTBjCwSY1&t=638823999370157672 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=B4bLup9GT6FvNBDj7lSdY2DxqLAWAfC59a2KqSTY1FBECZs9i9ufw291GYdpWdLJQVtlZSNYwYZfC9HP7UcuaXjP6q-f2WXlpuPanmeHJ2wZ0kpdjDsx3tu3Hvq6sUyIZsFBk6TyauZKGjEr7qx_bdaybHfMwK0kaI5_evnFU8W1gDWToPANfm54gjpb4i8s0&t=2a9d95e3 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/1033/initstrings.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/blank.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/theming.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/init.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/1033/strings.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/core.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.22631.4169/0?CH=902&L=en-US&P=&PT=0x30&WUA=1220.2407.15022.0&MK=1CocMgeHrKELNWb&MD=TMrlDezF HTTP/1.1host: slscr.update.microsoft.comaccept: /user-agent: Windows-Update-Agent/1220.2407.15022.0 Client-Protocol/2.80accept-encoding: identity
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1host: goldstonemanagment-my.sharepoint.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /personal/sandrar_goldstonem_com HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: WSS_FullScreenMode=falsepriority: u=0, i
Source: global traffic	HTTP traffic detected: GET /personal/sandrar_goldstonem_com/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Fsandrar%5Fgoldstonem%5Fcom HTTP/1.1host: goldstonemanagment-my.sharepoint.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"referer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: WSS_FullScreenMode=falsepriority: u=0, i
Source: global traffic	HTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2fpersonal%2fsandrar_goldstonem_com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Fsandrar%255Fgoldstonem%255Fcom&Source=cookie HTTP/1.1host: goldstonemanagment-my.sharepoint.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"referer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: WSS_FullScreenMode=falsecookie: RpsContextCookie=U291cmNlPSUyRnBlcnNvbmFsJTJGc2FuZHJhciU1RmdvbGRzdG9uZW0lNUZjb20=priority: u=0, i
Source: global traffic	HTTP traffic detected: GET /14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4 HTTP/1.1host: login.microsoftonline.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"referer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_bazYuVH6rF7OQmuNhACwPg2.js HTTP/1.1host: aadcdn.msftauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true HTTP/1.1host: login.microsoftonline.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-dest: documentreferer: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&respon
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l8i1wwom7wbodda4l9b6dw2.js HTTP/1.1host: aadcdn.msauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1host: aadcdn.msauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,/;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js HTTP/1.1host: aadcdn.msauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_486f0cce3c3db211da28.js HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_41f36656d3c0bb04c90c.js HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4f75990aeef30238698e.js HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1host: login.microsoftonline.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9cookie: esctx-71YInml3DZE=AQABCQEAAABVrSpeuWamRam2jAF1XRQEWRDa3Ner4X-GaKw_n7FSlUA5yIaKwaEj6P2C_XLbt7JFnV5fNIRm9fqHD-8wxBxjl6CP_HtMxcLqdPcJVZ-PPVB9kD00IZ40vFUZ5Hcp5NmTfcLb9gQJHb2Dx31ZSGQksmhldnwRAqhpS5An1iyCXCAAcookie: x-ms-gateway-slice=estsfdcookie: stsservicecookie=estsfdcookie: AADSSO=NA\|NoExtensioncookie: SSOCOOKIEPULLED=1cookie: buid=1.AW4AiouGFGqTN0SBmP2fpPaVSAMAAAAAAPEPzgAAAAAAAABuAABuAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQE3I5pqbIRmN026x6Cl0C8kUKvut9vA7uVnkDN3sWDbQ12vmHYFuPJCjTHUAeNq-H03lSYL6tLIe9dYTJ-dW9-yZWmHA48SzzL9oIqsXtpfjggAAcookie: esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEX8rqiRqlioAsqp0V9WEXetaiodOk9YfETe9sv7KlBl1x-ec5Ka1pWb9ahO5m7-NpDVXj7chr1TEY5nIVaJNuEKEsMfE64rf2i0r0m8F2z8wH6rQHpVrjVvUelvXpUpeK8e1S8fj5EpQWH5QbB6TDfR6sUKIVZTMpkeR4rsgYLfsgAAcookie: esctx-m77HPvFtk=AQABCQEAAABVrSpeuWamRam2jAF1XRQEoz7x4jdzc2MvCyNSDFY347a2XdVFM5WwGiJyHMl9pbzMDLWrbHGnpdmoEHx99cnfBIkNkaZ4RxBB1c5UQ436ALrQoGh5AlbjRV3CBoKOSUnnihlRbPWPu5FICEQK8d2llKD0V_w2SAahwC1rNzKcLiAAcookie: fpc=AsEr7rtG_vJGmnZ5g8rTo0GEDnIxAQAAAMld2t8OAAAAcookie: MicrosoftApplicationsTeleme
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.22631.4169/0?CH=902&L=en-US&P=&PT=0x30&WUA=1220.2407.15022.0&MK=1CocMgeHrKELNWb&MD=TMrlDezF HTTP/1.1host: slscr.update.microsoft.comaccept: /user-agent: Windows-Update-Agent/1220.2407.15022.0 Client-Protocol/2.80accept-encoding: identity
Source: global traffic	HTTP traffic detected: GET /r/r1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global traffic	HTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: goldstonemanagment-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net

Source: unknown

Source: chromecache_84.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_84.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/1033/initstrings.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/blank.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/init.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/theming.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res.cdn.office.net/teams-js/2.21.0/js/MicrosoftTeams.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49692
Source: unknown	Network traffic detected: HTTP traffic on port 49692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49678
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49677
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49674
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701

Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49724 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@24/61@16/11

Source: C:\Windows\System32\appidpolicyconverter.exe	Mutant created: PolicyMutex
Source: C:\Windows\System32\conhost.exe	Mutant created: \BaseNamedObjects\Local\SM0:6548:120:WilError_03

Source: C:\Windows\System32\appidpolicyconverter.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,14049268193459184991,7695379603295095455,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250316-180048.776000 --mojo-platform-channel-handle=1756 /prefetch:11
Source: unknown	Process created: C:\Windows\System32\appidpolicyconverter.exe "C:\Windows\system32\appidpolicyconverter.exe"
Source: C:\Windows\System32\appidpolicyconverter.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,14049268193459184991,7695379603295095455,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250316-180048.776000 --mojo-platform-channel-handle=1756 /prefetch:11	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: srpapi.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: gpapi.dll	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
52.107.251.51	mira-ssc.tm-4.office.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.176.196	www.google.com	United States	15169	GOOGLEUS	false
13.107.246.40	s-part-0012.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.51	s-part-0023.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.216.132.21	e329293.dscd.akamaiedge.net	United States	7016	CCCH-3US	false
23.206.121.60	a726.dscd.akamai.net	United States	33490	COMCAST-33490US	false
23.200.0.195	a1894.dscb.akamai.net	United States	20940	AKAMAI-ASN1EU	false
20.190.152.20	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.107.252.9	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
20.190.152.19	www.tm.a.prd.aadg.akadns.net	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false

Private

IP
192.168.2.24

Contacted Domains

Name	IP	Active
s-part-0012.t-0009.t-msedge.net	13.107.246.40	true
e329293.dscd.akamaiedge.net	23.216.132.21	true
s-part-0023.t-0009.t-msedge.net	13.107.246.51	true
a726.dscd.akamai.net	23.206.121.60	true
mira-ssc.tm-4.office.com	52.107.251.51	true
www.google.com	142.250.176.196	true
www.tm.a.prd.aadg.akadns.net	20.190.152.19	true
a1894.dscb.akamai.net	23.200.0.195	true
identity.nel.measure.office.net	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
logincdn.msftauth.net	unknown	unknown
login.microsoftonline.com	unknown	unknown
goldstonemanagment-my.sharepoint.com	unknown	unknown

Contacted URLs

Name	Malicious	Reputation
http://c.pki.goog/r/r4.crl	false	high
https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	false	high
http://c.pki.goog/r/r1.crl	false	high
https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9	false	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 101	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 102	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 406986	991F65CE1AA4809A6ED028BD54B3D1E3	18B2197389C0AE376309E3A5D03CC1C039337685	3C2C2CFEA40049D60B0BCEA06AE9A3558D0D264B318F06DD180A920774EC6365
Chrome Cache Entry: 103	ASCII text, with very long lines (456), with no line terminators	D82C3B70564E5836C3D1015A1927EC02	EAFD835FA552C14EC82E774C120397F4B86CBB0B	5D67056CF39F4E77BF50CF942019A8CE72328FE49A2EE0DB6325BF6833AEF290
Chrome Cache Entry: 104	ASCII text, with very long lines (65536), with no line terminators	2DE2482829622DE740DB42E04CBCD047	2A88D65A01BDA232B97B24163F66BA7F90A63386	947D9E7117E8528021EC98FBBD6FE75A4D393A699DFFFFB3A2803EAE42845CEB
Chrome Cache Entry: 105	ASCII text, with CRLF line terminators	90EA7274F19755002360945D54C2A0D7	647B5D8BF7D119A2C97895363A07A0C6EB8CD284	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
Chrome Cache Entry: 72	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 73	ASCII text, with no line terminators	4CD46B0ED25DD75BA3C3CAA1FB541EEB	C55D8191FA6779A2E5B962D579170CB0D4E3FEA1	BDF1A43E9F197BBAD8A9F2FB244A6F64DD54ED6F77011D556A2008AB67409BE4
Chrome Cache Entry: 74	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 102804	B62553925BD98826C60457D2EB6B9A46	84DBBB6D9B36A587C21B5A56B1D9E587E33BA943	C58166FE4DF4BA8F25A960C21451EAF841D97F6F552F104E43431C9DB1C2E2CC
Chrome Cache Entry: 75	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 3651	9F368BC4580FED907775F31C6B26D6CF	E393A40B3E337F43057EEE3DE189F197AB056451	7ECBBA946C099539C3D9C03F4B6804958900E5B90D48336EEA7E5A2ED050FA36
Chrome Cache Entry: 76	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113769	E9745F803E3FBA8FA0CC8C1E6E4506C6	87E8B2D2F29CB42BAD597390234F66745642D080	D5496BC436AAD08CCA3F391A3CA8D7DAFC076B081567511A8B1358F860DA8003
Chrome Cache Entry: 77	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 190152	B10C50C98F0C64E2F85C58FD3A99C5AB	24F47D45A0315A9B1F95EBDC4A8392C3CA84882E	F272F3CED934E1965F7224E1A866204394824DDB625D2DEF37BCB77BE69E620C
Chrome Cache Entry: 78	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592	4761405717E938D7E7400BB15715DB1E	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
Chrome Cache Entry: 79	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 59293	878F0134D5623C12145B3C539CCB0A31	8DA453BA5ACE4E06F9E3599DD765E1E2C8D17AA9	FDE7337DB19DC211784EEEE2AAD0856785D1A940C2EA73A6E6B6659233D3AFC7
Chrome Cache Entry: 80	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	0B60F3C9E4DA6E807E808DA7360F24F2	9AFC7ABB910DE855EFB426206E547574A1E074B7	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
Chrome Cache Entry: 81	ASCII text, with very long lines (23437), with CRLF line terminators	964FCB2BAF87049DC68975291AE89431	D0CD8C989D44BC531472B632868D3FB2DE4B3184	B8F7BD568E379502CF0C00027581D2761C7DC14B166F5D25FC048A0B56B7BFBB
Chrome Cache Entry: 82	ASCII text, with very long lines (65536), with no line terminators	F30696AB3D69E00C440C39447D47E198	683440221A4F8FC26010E8C9464CA3E87D104E07	5D51850C4E87FE061D7F6E8498433B7EC4C190C528531BA21E761A7455C5953E
Chrome Cache Entry: 83	ASCII text, with very long lines (65536), with no line terminators	7DA7BF4AF908D00367B066B5E97AA67D	C751B0C4D70AF992CF0ADD2286970B022498B3A2	C7D57BCBC4FA671090B8EB60F97DBAA8CF9DB30CE8964D9AED893A06327D319A
Chrome Cache Entry: 84	ASCII text, with very long lines (46880)	6DACD8B951FAAC5ECE426B8D8400B03E	5F344BF7B4F4E981F4DB74083742B9D57ABF8ABF	F2542C4AC79F296F7D9AADD9C2B1A03E003F25CFDF37924AAA24BEAEB554F649
Chrome Cache Entry: 85	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 40329	027A7D52E1CEED8AEF7DC13505B81D36	33CF0BCE6A4C8B44B4A80B3116C978C12EE93FD0	29061464FB6FCE2326B952EACAA95C3C6183BFEA74C3851390E9838720D372A6
Chrome Cache Entry: 86	ASCII text, with CRLF line terminators	B4948865C84E01576EDE372F371CAC80	60A0AA2EF8895FE78B182A0B63E7A4FFBB1BA256	8132FEB57BF5EE1D9D2D0BB420EF1968A403B61220A0B049E60E3155AA0B14E6
Chrome Cache Entry: 87	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1592	4761405717E938D7E7400BB15715DB1E	76FED7C229D353A27DB3257F5927C1EAF0AB8DE9	F7ED91A1DAB5BB2802A7A3B3890DF4777588CCBE04903260FBA83E6E64C90DDF
Chrome Cache Entry: 88	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 89	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 90	HTML document, ASCII text, with very long lines (64257), with CRLF, LF line terminators	FB24F62AADD7BA328C79C5A89AE999A7	3D9CAB6C655B23649DAEC49FCC79383DF79A5EBC	FF62A27122A5CFE4F5C424D689B49B1D887C29FFA01F951CAA548F4FD9B301CB
Chrome Cache Entry: 91	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C
Chrome Cache Entry: 92	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 93	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 459255	FB40FF082772ED1074E6C81BEB1E18B7	D2F8C46030A0473236C2FED39775DE48429C3812	F2635A59DE0867157037CC14288EC01A2EA7A1E75799630EA6A42C3CCE89FAE9
Chrome Cache Entry: 94	ASCII text, with very long lines (35238), with no line terminators	C637DE6889D81964119BA1FD124E2454	5DB2B1681BE6FF9A7B26E269CD80D817D41A01BE	18E8366C8C5590C3D056BA6CA9691B7471D6970EE00D0E22A4B68E517B54F087
Chrome Cache Entry: 95	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 113424	3BA4D76A17ADD0A6C34EE696F28C8541	5E8A4B8334539A7EAB798A7799F6E232016CB263	17D6FF63DD857A72F37292B5906B40DC087EA27D7B1DEFCFA6DD1BA82AEA0B59
Chrome Cache Entry: 96	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 97	ASCII text, with CRLF line terminators	B45EDFC9FCDB690CCDA004A8483955E0	BAEDF73329EABB32504CAC640538EE3B6B31819F	E817BF53005172205995AA07E0021BD8254A0204A1177E925F365E838C32D069
Chrome Cache Entry: 98	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	0B60F3C9E4DA6E807E808DA7360F24F2	9AFC7ABB910DE855EFB426206E547574A1E074B7	ADDEEDEEEF393B6B1BE5BBB099B656DCD797334FF972C495CCB09CFCB1A78341
Chrome Cache Entry: 99	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 1864	0E176276362B94279A4492511BFCBD98	389FE6B51F62254BB98939896B8C89EBEFFE2A02	9A2C174AE45CAC057822844211156A5ED293E65C5F69E1D211A7206472C5C80C

HTML body contains low number of good links

HTTP Parser: Number of links: 0

HTML title does not match URL

HTTP Parser: Title: Sign in to your account does not match URL

HTTP Parser: <input type="password" .../> found

Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49724 version: TLS 1.2

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP GET or POST without a user agent

Source: global traffic

Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.69.109.130
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 23.223.209.79
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.4
Source: unknown	TCP traffic detected without corresponding DNS query: 104.117.182.209
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.4

Source: global traffic	HTTP traffic detected: GET /:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: nonesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
Source: global traffic	HTTP traffic detected: GET /_layouts/15/1033/styles/error.css?rev=tF7fyfzbaQzNoASoSDlV4A%3D%3DTAG505 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,/;q=0.1sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: stylereferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
Source: global traffic	HTTP traffic detected: GET /_layouts/15/1033/styles/corev15.css?rev=tJSIZchOAVdu3jcvNxysgA%3D%3DTAG505 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,/;q=0.1sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: stylereferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=sr6F3K1Q0GRnD4wb9zrBwPoIvMbEPt-0JaQtZ2Mb3Vn2jVfVgDPU9iKIjfhaW45AYSHlsItWnMQ9vXt_5XC8Wa94u7DJVAawj0-l3jAC6jqDqnCcBHNZcDxMBtl8o-JdbhH7frf9kRm-3KWrGoLkADokDa52GtzlZfPjpXW-t1fMGv_aGr6wfkV8c_9o3aJX0&t=2a9d95e3 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=LGCbvPqDWr6NGAoANcpURE6wX-2D5oGrf28m_P6v5AWqox645ulKE4STbYM8PekIOxkIg8mD9pD-iLx71QtT44qTiD8Gi7tXKkfQTBjCwSY1&t=638823999370157672 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=B4bLup9GT6FvNBDj7lSdY2DxqLAWAfC59a2KqSTY1FBECZs9i9ufw291GYdpWdLJQVtlZSNYwYZfC9HP7UcuaXjP6q-f2WXlpuPanmeHJ2wZ0kpdjDsx3tu3Hvq6sUyIZsFBk6TyauZKGjEr7qx_bdaybHfMwK0kaI5_evnFU8W1gDWToPANfm54gjpb4i8s0&t=2a9d95e3 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: scriptreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/1033/initstrings.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/blank.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/theming.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/init.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: same-originsec-fetch-mode: no-corssec-fetch-dest: imagereferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/1033/strings.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bld/_layouts/15/16.0.26121.12013/core.js HTTP/1.1host: res-1.cdn.office.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.22631.4169/0?CH=902&L=en-US&P=&PT=0x30&WUA=1220.2407.15022.0&MK=1CocMgeHrKELNWb&MD=TMrlDezF HTTP/1.1host: slscr.update.microsoft.comaccept: /user-agent: Windows-Update-Agent/1220.2407.15022.0 Client-Protocol/2.80accept-encoding: identity
Source: global traffic	HTTP traffic detected: GET /_layouts/15/images/favicon.ico?rev=47 HTTP/1.1host: goldstonemanagment-my.sharepoint.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /personal/sandrar_goldstonem_com HTTP/1.1host: goldstonemanagment-my.sharepoint.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentreferer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: WSS_FullScreenMode=falsepriority: u=0, i
Source: global traffic	HTTP traffic detected: GET /personal/sandrar_goldstonem_com/_layouts/15/Authenticate.aspx?Source=%2Fpersonal%2Fsandrar%5Fgoldstonem%5Fcom HTTP/1.1host: goldstonemanagment-my.sharepoint.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"referer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: WSS_FullScreenMode=falsepriority: u=0, i
Source: global traffic	HTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2fpersonal%2fsandrar_goldstonem_com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fpersonal%252Fsandrar%255Fgoldstonem%255Fcom&Source=cookie HTTP/1.1host: goldstonemanagment-my.sharepoint.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"referer: https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9accept-encoding: identityaccept-language: en-US,en;q=0.9cookie: WSS_FullScreenMode=falsecookie: RpsContextCookie=U291cmNlPSUyRnBlcnNvbmFsJTJGc2FuZHJhciU1RmdvbGRzdG9uZW0lNUZjb20=priority: u=0, i
Source: global traffic	HTTP traffic detected: GET /14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4 HTTP/1.1host: login.microsoftonline.comupgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: cross-sitesec-fetch-mode: navigatesec-fetch-user: ?1sec-fetch-dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"referer: https://goldstonemanagment-my.sharepoint.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_bazYuVH6rF7OQmuNhACwPg2.js HTTP/1.1host: aadcdn.msftauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=CE2E5519F6C3FEFFB0ACFF29F2CEB805DEB5FB86ED78C639%2D19A748356579EB0DD834B8DD2337F923A05B9C03231BB41FEBA67846D6C4BA12&redirect%5Furi=https%3A%2F%2Fgoldstonemanagment%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=e5cfa6a1%2De048%2D9000%2D00c3%2D6510b75557a4&sso_reload=true HTTP/1.1host: login.microsoftonline.comsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"upgrade-insecure-requests: 1user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-fetch-site: same-originsec-fetch-mode: navigatesec-fetch-dest: documentreferer: https://login.microsoftonline.com/14868b8a-936a-4437-8198-fd9fa4f69548/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&respon
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_l8i1wwom7wbodda4l9b6dw2.js HTTP/1.1host: aadcdn.msauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1host: aadcdn.msauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: text/css,/;q=0.1sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: stylereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=0
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_k4QdCmHtAxG2-1HsSIy8zw2.js HTTP/1.1host: aadcdn.msauth.netorigin: https://login.microsoftonline.comsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: corssec-fetch-dest: scriptreferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/oneDs_486f0cce3c3db211da28.js HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_41f36656d3c0bb04c90c.js HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4f75990aeef30238698e.js HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: /sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: scriptsec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1host: aadcdn.msauth.netsec-ch-ua-platform: "Windows"user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8sec-fetch-site: cross-sitesec-fetch-mode: no-corssec-fetch-dest: imagesec-fetch-storage-access: activereferer: https://login.microsoftonline.com/accept-encoding: identityaccept-language: en-US,en;q=0.9priority: i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1host: aadcdn.msauth.netuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9priority: u=1, i
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1host: login.microsoftonline.comuser-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36accept: /sec-fetch-site: nonesec-fetch-mode: corssec-fetch-dest: emptysec-fetch-storage-access: activeaccept-encoding: identityaccept-language: en-US,en;q=0.9cookie: esctx-71YInml3DZE=AQABCQEAAABVrSpeuWamRam2jAF1XRQEWRDa3Ner4X-GaKw_n7FSlUA5yIaKwaEj6P2C_XLbt7JFnV5fNIRm9fqHD-8wxBxjl6CP_HtMxcLqdPcJVZ-PPVB9kD00IZ40vFUZ5Hcp5NmTfcLb9gQJHb2Dx31ZSGQksmhldnwRAqhpS5An1iyCXCAAcookie: x-ms-gateway-slice=estsfdcookie: stsservicecookie=estsfdcookie: AADSSO=NA\|NoExtensioncookie: SSOCOOKIEPULLED=1cookie: buid=1.AW4AiouGFGqTN0SBmP2fpPaVSAMAAAAAAPEPzgAAAAAAAABuAABuAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQE3I5pqbIRmN026x6Cl0C8kUKvut9vA7uVnkDN3sWDbQ12vmHYFuPJCjTHUAeNq-H03lSYL6tLIe9dYTJ-dW9-yZWmHA48SzzL9oIqsXtpfjggAAcookie: esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEX8rqiRqlioAsqp0V9WEXetaiodOk9YfETe9sv7KlBl1x-ec5Ka1pWb9ahO5m7-NpDVXj7chr1TEY5nIVaJNuEKEsMfE64rf2i0r0m8F2z8wH6rQHpVrjVvUelvXpUpeK8e1S8fj5EpQWH5QbB6TDfR6sUKIVZTMpkeR4rsgYLfsgAAcookie: esctx-m77HPvFtk=AQABCQEAAABVrSpeuWamRam2jAF1XRQEoz7x4jdzc2MvCyNSDFY347a2XdVFM5WwGiJyHMl9pbzMDLWrbHGnpdmoEHx99cnfBIkNkaZ4RxBB1c5UQ436ALrQoGh5AlbjRV3CBoKOSUnnihlRbPWPu5FICEQK8d2llKD0V_w2SAahwC1rNzKcLiAAcookie: fpc=AsEr7rtG_vJGmnZ5g8rTo0GEDnIxAQAAAMld2t8OAAAAcookie: MicrosoftApplicationsTeleme
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.22631.4169/0?CH=902&L=en-US&P=&PT=0x30&WUA=1220.2407.15022.0&MK=1CocMgeHrKELNWb&MD=TMrlDezF HTTP/1.1host: slscr.update.microsoft.comaccept: /user-agent: Windows-Update-Agent/1220.2407.15022.0 Client-Protocol/2.80accept-encoding: identity
Source: global traffic	HTTP traffic detected: GET /r/r1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global traffic	HTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: /If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: goldstonemanagment-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net

Source: unknown

Source: chromecache_84.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_84.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_84.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/1033/initstrings.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/blank.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/init.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res-1.cdn.office.net/bld/_layouts/15/16.0.26121.12013/theming.js
Source: chromecache_90.2.dr	String found in binary or memory: https://res.cdn.office.net/teams-js/2.21.0/js/MicrosoftTeams.min.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49699 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49701 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49699
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49697
Source: unknown	Network traffic detected: HTTP traffic on port 49707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49696
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49692
Source: unknown	Network traffic detected: HTTP traffic on port 49692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49678
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49677
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49677 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49674
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49707
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49701

Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49707 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.24:49724 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@24/61@16/11

Source: C:\Windows\System32\appidpolicyconverter.exe	Mutant created: PolicyMutex
Source: C:\Windows\System32\conhost.exe	Mutant created: \BaseNamedObjects\Local\SM0:6548:120:WilError_03

Source: C:\Windows\System32\appidpolicyconverter.exe

Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,14049268193459184991,7695379603295095455,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250316-180048.776000 --mojo-platform-channel-handle=1756 /prefetch:11
Source: unknown	Process created: C:\Windows\System32\appidpolicyconverter.exe "C:\Windows\system32\appidpolicyconverter.exe"
Source: C:\Windows\System32\appidpolicyconverter.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1948,i,14049268193459184991,7695379603295095455,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250316-180048.776000 --mojo-platform-channel-handle=1756 /prefetch:11	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: msvcp110_win.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: srpapi.dll	Jump to behavior
Source: C:\Windows\System32\appidpolicyconverter.exe	Section loaded: gpapi.dll	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1711299
Product:	CloudBasic
Start time:	19:07:56
Start date:	10.06.2025
Cookbook:	browseurl.jbs
System description:	Windows 11 23H2 with Office Professional Plus 2021, Chrome 131, Firefox 133, Adobe Reader DC 24, Java 8 Update 431, 7zip 24.09
Architecture:	WINDOWS

Windows Analysis Report
https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://goldstonemanagment-my.sharepoint.com/:o:/g/personal/sandrar_goldstonem_com/EsXLH__K8yxCuPDU0eDeoNIBDxttVTtWa08L1PYp5Mzc_w?e=5%3a0J1yd6&at=9