
Windows Analysis Report https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zip

Overview

General Information

Sample URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zip
Analysis ID: 481251
Detection

Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Multi AV Scanner detection for submitted file

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2900 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zip' MD5: C139654B5C1438A95B321BB01AD63EF6)
    • chrome.exe (PID: 5520 cmdline: 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1584,6466496690133128072,17345954939480891255,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1712 /prefetch:8 MD5: C139654B5C1438A95B321BB01AD63EF6)
  • cleanup

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Jbx Signature Overview

AV Detection:

Multi AV Scanner detection for submitted file
Source: https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zip | Virustotal: Detection: 7%
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries
Source: C:\Program Files\Google\Chrome\Application\chrome.exe | Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic
Source: unknown | DNS traffic detected: queries for: clients2.google.com
Source: unknown | TCP traffic detected without corresponding DNS query: 23.211.6.115
Source: global trafficHTTP traffic detected: GET /public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zip HTTP/1.1Host: d15k2d11r6t6rl.cloudfront.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: d15k2d11r6t6rl.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zipAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
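The traffic findings above reach the reader with each request collapsed onto one line and the headers run together. The following Python script is an added triage helper, not part of the Joe Sandbox report or its tooling: it splits such collapsed lines back into a request line plus headers and tags each request as traffic to the submitted sample's origin or as background noise from the sandbox VM's own browser and OS (Microsoft Store tile images fetched with an Edge user agent, Chrome extension update checks and downloads). The header list and the background-host allowlist are this example's own assumptions; the four input lines are copied from the findings above.

```python
"""Triage helper for the 'HTTP traffic detected' lines of a Joe Sandbox report.

Text extraction collapses each request onto one line with the headers run together
(e.g. 'HTTP/1.1Accept: */*Accept-Encoding: gzip...'). This splits a line back into a
request line plus headers and tags each request as traffic to the submitted sample's
origin or as sandbox/browser background noise.
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Submitted sample URL, taken from the report header.
SAMPLE_URL = ("https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/"
              "beefree-36jrfwcih72/SubcontractorReviewSep2021.zip")

# Header names to split on (assumption: the set seen in Chromium/Edge traffic). The
# splitter only breaks on a known name followed by ': ', which keeps URLs and
# User-Agent values intact; extend the list for reports that carry other headers.
KNOWN_HEADERS = [
    "Accept-Encoding", "Accept-Language", "Accept", "User-Agent", "Host", "Connection",
    "Upgrade-Insecure-Requests", "Sec-Fetch-Site", "Sec-Fetch-Mode", "Sec-Fetch-User",
    "Sec-Fetch-Dest", "Referer", "Origin", "Cookie", "Content-Type", "Content-Length",
    "X-Goog-Update-Interactivity", "X-Goog-Update-AppId", "X-Goog-Update-Updater",
]
_PREFIX = re.compile(r"^Source:\s*global traffic\s*HTTP traffic detected:\s*")
_REQLINE = re.compile(r"^(?P<method>[A-Z]+) (?P<target>\S+) (?P<version>HTTP/\d\.\d)$")
_SPLIT = re.compile(r"(?=(?:%s): )" % "|".join(
    re.escape(h) for h in sorted(KNOWN_HEADERS, key=len, reverse=True)))

# Hosts the sandbox VM's own browser/OS contacts regardless of the sample. This
# allowlist is an analyst assumption for this example, not something the report states.
BACKGROUND_HOSTS = {
    "store-images.s-microsoft.com": "os-background (Microsoft Store tile images)",
    "clients2.google.com": "browser-background (Chrome extension update check)",
    "clients2.googleusercontent.com": "browser-background (Chrome extension download)",
}


@dataclass
class Request:
    method: str
    target: str
    headers: dict = field(default_factory=dict)
    classification: str = "unknown"

    @property
    def host(self) -> str:
        return self.headers.get("Host", "")


def parse_line(line: str) -> Request:
    """Turn one collapsed report line into a Request with separated headers."""
    body = _PREFIX.sub("", line.strip())
    parts = _SPLIT.split(body)            # zero-width split before each known header
    m = _REQLINE.match(parts[0].strip())
    if not m:
        raise ValueError(f"no request line in: {parts[0]!r}")
    req = Request(m["method"], m["target"])
    for part in parts[1:]:
        name, _, value = part.partition(": ")
        req.headers[name] = value.strip()
    return req


def classify(req: Request, sample_url: str) -> str:
    """Tag a request relative to the submitted URL and the background allowlist."""
    sample = urlsplit(sample_url)
    if req.host == sample.hostname:
        # The download itself vs. same-origin follow-ups such as /favicon.ico.
        return "sample" if req.target == sample.path else "sample-origin (secondary)"
    return BACKGROUND_HOSTS.get(req.host, "unknown (review manually)")


def triage(lines, sample_url: str = SAMPLE_URL):
    """Parse and classify every 'HTTP traffic detected' line; other lines are skipped."""
    out = []
    for line in lines:
        if "HTTP traffic detected" not in line:
            continue
        req = parse_line(line)
        req.classification = classify(req, sample_url)
        out.append(req)
    return out


def sample_urls(reqs):
    """URLs of requests that actually went to the sample's origin (what to block/hunt)."""
    return [f"https://{r.host}{r.target}" for r in reqs if r.classification.startswith("sample")]


# Constructed input: four lines copied verbatim from the report's traffic findings.
REPORT_LINES = [
    "Source: global trafficHTTP traffic detected: GET /image/apps.58878.9007199266246761.3059e916-5e99-4797-a868-366cc8761e37.21987aba-4948-4f44-bf2e-eba90517f1c5?format=source HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134Host: store-images.s-microsoft.comConnection: Keep-Alive",
    "Source: global trafficHTTP traffic detected: GET /public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zip HTTP/1.1Host: d15k2d11r6t6rl.cloudfront.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9",
    "Source: global trafficHTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9",
    "Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: d15k2d11r6t6rl.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSep2021.zipAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9",
]

if __name__ == "__main__":
    for r in triage(REPORT_LINES):
        print(f"{r.classification:48} {r.method} {r.host}{r.target[:60]}")
```

Run as-is, only the .zip download and its same-origin favicon follow-up are tagged as sample traffic; the Microsoft Store and Chrome update requests are tagged as background, which is the split an analyst wants before turning the report's URLs into blocklist or hunting indicators. A host that is in neither the sample origin nor the allowlist comes back as "unknown (review manually)" rather than being silently accepted.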
Source: manifest.json0.0.dr, ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://accounts.google.com
Source: manifest.json0.0.dr, ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://apis.google.com
Source: ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json0.0.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: manifest.json0.0.dr String found in binary or memory: https://content.googleapis.com
Source: History.0.dr String found in binary or memory: https://d15k2d11r6t6rl.cloudfront.net/public/users/BeeFree/beefree-36jrfwcih72/SubcontractorReviewSe
Source: b3f13e49-f795-4311-ada7-5ec1e571ff17.tmp.1.dr, ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, fed46255-a458-4566-a2ab-57dacf23a587.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://dns.google
Source: manifest.json0.0.dr String found in binary or memory: https://feedback.googleusercontent.com
Source: ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://fonts.googleapis.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.googleapis.com;
Source: ee8c72fc-58b8-48be-8173-c6633d321a21.tmp.1.dr, 83b727ee-0e82-4bbd-a48f-69c3c1e61b36.tmp.1.dr String found in binary or memory: https://fonts.gstatic.com
Source: manifest.json0.0.dr String found in binary or memory: https://fonts.gstatic.com;
Source: manifest.json0.0.dr String found in binary or memory: