Windows Analysis Report
http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/

Overview

General Information

Sample URL:	http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/
Analysis ID:	1446890
Infos:

Detection

TechSupportScam

Score:	60
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus / Scanner detection for submitted sample

Yara detected TechSupportScam

AI detected suspicious javascript

Creates files inside the system directory

Deletes files inside the Windows folder

Detected non-DNS traffic on DNS port

Drops PE files

Drops PE files to the windows directory (C:\Windows)

Form action URLs do not match main URL

Found iframes

HTML body contains low number of good links

HTML title does not match URL

PE file contains more sections than normal

PE file contains sections with non-standard names

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/	Avira URL Cloud: detection malicious, Label: phishing
Source: http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/	SlashNext: detection malicious, Label: Scareware type: Phishing & Social Engineering

Phishing

Yara detected TechSupportScam

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.0.pages.csv, type: HTML

AI detected suspicious javascript

Source: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/

LLM: Score: 7 Reasons: The JavaScript code disables right-click, F12 (Developer Tools), and certain key combinations (Ctrl+C, Ctrl+U). These actions are often used to prevent users from inspecting or copying content, which is a common tactic used by malicious sites to hide their activities. While not inherently malicious, these behaviors are suspicious and warrant further investigation. DOM: 0.0.pages.csv

Form action URLs do not match main URL

Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...

HTTP Parser: Form action: https://www.microsoft.com/cascadeauth/account/signin-oidc live microsoft

Found iframes

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0

HTTP Parser: Iframe src: https://login.live.com/Me.htm?v=3

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: Number of links: 0
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: Title: Redirecting does not match URL
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: Title: Continue does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: No favicon
Source: https://support.microsoft.com/en-us/silentsigninhandler	HTTP Parser: No favicon
Source: https://login.microsoftonline.com/savedusers?appid=ee272b19-4411-433f-8f28-5c13cb6fd407&wreply=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&uaid=746ba4c3-b1e5-4328-fb1e-71381d8a12cd&partnerId=smcconvergence&idpflag=proxy	HTTP Parser: No favicon
Source: https://fpt.microsoft.com/tags?session_id=973db2fe-578c-45cf-98bc-7eeca87fd29e	HTTP Parser: No favicon
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: No favicon
Source: https://www.microsoft.com/cascadeauth/store/account/silentauth?auth=None	HTTP Parser: No favicon
Source: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	HTTP Parser: No favicon
Source: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	HTTP Parser: No favicon
Source: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	HTTP Parser: No favicon
Source: https://developer.microsoft.com/en-us/	HTTP Parser: No favicon
Source: https://developer.microsoft.com/en-us/	HTTP Parser: No favicon

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: No <meta name="copyright".. found
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Source:

Binary string: Google.Widevine.CDM.dll.pdb source: Google.Widevine.CDM.dll.0.dr

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:49732 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:56886 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:57377 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: trq21files6468h65fdtr65g67h85deploy869.pages.devConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://trq21files6468h65fdtr65g67h85deploy869.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://trq21files6468h65fdtr65g67h85deploy869.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/stars2.html HTTP/1.1Host: trq21files6468h65fdtr65g67h85deploy869.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://trq21files6468h65fdtr65g67h85deploy869.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /meversion?partner=SMCConvergence&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/me/MeControl/10.24086.4/en-US/meBoot.min.js HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.shared.analytics.mectrl-3.gbl.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /meversion?partner=SMCConvergence&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/FetchSessions_Core_IjgrZlvKzcbjDk5QwpFvYA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.shared.analytics.mectrl-3.gbl.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/me/MeControl/10.24086.4/en-US/meBoot.min.js HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/me/MeControl/10.24086.4/en-US/meCore.min.js HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /16.000/content/js/MeControl_v6QmZT1KIHvYorogrcRgqA2.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mscc/lib/v2/wcp-consent.js HTTP/1.1Host: wcpstatic.microsoft.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MC1=GUID=749eee6039c5489b9db3000c7ab3f399&HASH=749e&LV=202310&V=4&LU=1696413236917; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE; MS0=fd15699f2c63443491f747f9a545ba9d; ak_bmsc=0CB1935048BEA155827AA6E6EDA31FF5~000000000000000000000000000000~YAAQjmQQAq4FmIaPAQAAybqYpxfN9X/sJsP/IL6zKjmmgDVkY5U3v4iGF/U5OZv5RXhoo8zjM1DlTKQMsiVE3VYHfd0Rl9tPvsWu0tz0U6NETkhe1/pE20W3Qj4zMvd31Rig6wNyRyH85ccMG4ihYYteFGfeDvFhWR9vpvbJO2hn6CkqAXAF3fjdYM6/StylOGJcZ01tI3uZHts5nWk8NhxwpgPFdZJWW17wXku90fCCLZLeCoJxGMQCmc8JxfWF4LN3Kcp/TkMZcdaPt+CBLrM6U5CmTeEPKx4tXEdXv4xf/UFy1/1KjBP6ciltjRG//0KrWveyznfnY+T5INt+67Cjj1QJs1BQxlxR6aXX8YqMiO1VKK4n57ycl0eH
Source: global traffic	HTTP traffic detected: GET /meversion?partner=OfficeProducts&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /www32/ptc/05d32363-d534-4d93-9b65-cde674775e71.js HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales HTTP/1.1Host: publisher.liveperson.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1716503801998 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.analytics-web-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://publisher.liveperson.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /A1133099-331c-4cdf-89b0-06dc20e168021.js HTTP/1.1Host: d.impactradius-event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ptc/05d32363-d534-4d93-9b65-cde674775e71.js HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=72660298351804206001531652407700886728&ts=1716503803011 HTTP/1.1Host: msftenterprise.sc.omtrdc.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: mscom.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1716503801998 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&d_mid=72660298351804206001531652407700886728&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=MC1%01749eee6039c5489b9db3000c7ab3f399%012&ts=1716503804106 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=72660298351804206001531652407700886728&ts=1716503803011 HTTP/1.1Host: msftenterprise.sc.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /365868.gif?partner_uid=72378840570020671911577873055171083719 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1000.gif?memo=CKyqFhIxCi0IARCYEhomNzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTkQABoNCP6Jv7IGEgUI6AcQAEIASgA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=LeVVnUyTmNA3U2ykaICJw+5tKjzmC9uDsEHjABqijs8=; pxrc=CAA=
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=OVgvsJk18m_6KbgXp1P3_MDjDWR-gNl2SWh7HnpRYXgMrgq0lrmrhEdAvBxHr-6LIPxgAtZ3lQ0AfwBMfao4jB_CiXWGLiKlLwesmCVJQpc.; receive-cookie-deprecation=1; uuid2=7757911967533041082
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTk= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rest/v1/delivery?client=microsoftmscompoc&sessionId=5ffd710930574ea08a00a15e67000b16&version=2.4.0 HTTP/1.1Host: target.microsoft.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MC1=GUID=749eee6039c5489b9db3000c7ab3f399&HASH=749e&LV=202310&V=4&LU=1696413236917; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE; MS0=fd15699f2c63443491f747f9a545ba9d; ak_bmsc=0CB1935048BEA155827AA6E6EDA31FF5~000000000000000000000000000000~YAAQjmQQAq4FmIaPAQAAybqYpxfN9X/sJsP/IL6zKjmmgDVkY5U3v4iGF/U5OZv5RXhoo8zjM1DlTKQMsiVE3VYHfd0Rl9tPvsWu0tz0U6NETkhe1/pE20W3Qj4zMvd31Rig6wNyRyH85ccMG4ihYYteFGfeDvFhWR9vpvbJO2hn6CkqAXAF3fjdYM6/StylOGJcZ01tI3uZHts5nWk8NhxwpgPFdZJWW17wXku90fCCLZLeCoJxGMQCmc8JxfWF4LN3Kcp/TkMZcdaPt+CBLrM6U5CmTeEPKx4tXEdXv4xf/UFy1/1KjBP6ciltjRG//0KrWveyznfnY+T5INt+67Cjj1QJs1BQxlxR6aXX8YqMiO1VKK4n57ycl0eH; fptctx2=H3ihr9e92IdW6yd1ZgQ9SyoufAf2k3o4JywpA2nh2nOi1AvIQZ3Ykxhpnew6ecz4A4O8YYBfHg3xMw4gAepW%252bIBg4FOQpbiRMnyQZCuLJMsOAEdB4toSY8%252flXvBLeaDOA2%252bZIQhNkkOEMlTw1PWtSKI9JyeMr90CACzyvJV1aSdhl2oV4TZkTWJbAh8y%252fzphyxUkT8l90pSzCHTVgbelOv4gVn4TT3YxgmcHx0G8wUbUNg4xBT8lUIE4euRb7K6MKe0AaedZwwJu5vXqShkM4lZe2r9dF5A2O%252f%252foUzvkJwomf3WerrFVAR7GjwO8VbRVWayKPamgPtWIekmevzKYTA%253d%253d; MSCC=NR; _cs_c=0; at_check=true; AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg=1; IR_gbd=microsoft.com; IR_7593=1716503803218%7C0%7C1716503803218%7C%7C; mbox=session#5ffd710930574ea08a00a15e67000b16#1716505663\|PC#5ffd710930574ea08a00a15e67000b16.37_0#1750690504; AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19867%7CMCMID%7C72660298351804206001531652407700886728%7CMCAAMLH-1717108605%7C6%7CMCAAMB-1717108605%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C435590578%7CMCOPTOUT-1716511005s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&d_mid=72660298351804206001531652407700886728&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=MC1%01749eee6039c5489b9db3000c7ab3f399%012&ts=1716503804106 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products&data=ecomm_pagetype%3Dcategory HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ats/ats?cmd=RT&AdvertiserID=4249&platform=TUMRI&ActionID=20114&ActionName=Microsoft_Store_RT_Pixel&ut1=&ut2=en&ut3=us&cachebuster=202908449 HTTP/1.1Host: ats.everesttech.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=477&dpuuid=be4b5e6f6269a023e59a45b762759084e594b199f79e6e18cdd11f2dfe61bca5b0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=358&dpuuid=7757911967533041082 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTk=&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Zk-FAAAAAM8F5gN6 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591
Source: global traffic	HTTP traffic detected: GET /ats/ats?cmd=RT&AdvertiserID=4249&platform=TUMRI&ActionID=20114&ActionName=Microsoft_Store_RT_Pixel&ut1=&ut2=en&ut3=us&cachebuster=202908449 HTTP/1.1Host: ats.everesttech.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: everest_g_v2=g_surferid~Zk-FAAAAAKilnwpG
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products&data=ecomm_pagetype%3Dcategory&is_vtc=1&cid=CAQSGwDaQooLtVEYjG7zmLoJgdIeMMrTDjH5o-bbKw&random=844679743 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pcc/05d32363-d534-4d93-9b65-cde674775e71.js?DeploymentConfigName=Release_20230511&Version=2 HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=477&dpuuid=be4b5e6f6269a023e59a45b762759084e594b199f79e6e18cdd11f2dfe61bca5b0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591; dpm=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=358&dpuuid=7757911967533041082 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEBK54gN4zjgIohiLq_KbTgY&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Zk-FAAAAAKilnwpG HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Zk-FAAAAAM8F5gN6 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /www/bridge-WR110.js HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products&data=ecomm_pagetype%3Dcategory&is_vtc=1&cid=CAQSGwDaQooLtVEYjG7zmLoJgdIeMMrTDjH5o-bbKw&random=844679743 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=992&dpuuid=s4y749by9xbx HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /i/adsct?p_user_id=72378840570020671911577873055171083719&p_id=38594 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEBK54gN4zjgIohiLq_KbTgY&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Zk-FAAAAAKilnwpG HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598
Source: global traffic	HTTP traffic detected: GET /microsoft/lp_ada_enhancements-prod.js HTTP/1.1Host: static-assets.fs.liveperson.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://publisher.liveperson.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/4000034?insights=1 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/adsct?p_user_id=72378840570020671911577873055171083719&p_id=38594 HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_FIfC9jS/elpG+zqJcGWKOg=="
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=992&dpuuid=s4y749by9xbx HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pageview?ex=&pvt=n&la=en-US&uc=0&url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products%3Focid%3Dcmmibbws4d3&dr=&dw=1263&dh=11133&ww=1280&wh=907&sw=1280&sh=1024&uu=c5618302-fdc5-a614-8275-d152865b9a64&sn=1&hd=1716503809&v=13.89.2&pid=2422&pn=1&r=787156 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pageEvent?value=H4sIAAAAAAAAAwsIcVZwD%2FV0UahRMDBNMTYyNjPWTTE1NtE1SbE01rVMMjPVTU5JNTM3MTc3TTU3BAC5OujJLwAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&r=615088 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pageEvent?value=H4sIAAAAAAAAA3POz0vLTLdSCErNSU0sTo03MjAyNjA1NAQA5ZGESRgAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&r=713652 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dvar?v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&dv=H4sIAAAAAAAAA1WQUU%2FCMBSF%2F8rNXtBII2NsE9%2FKJEjigIwSjYSQrq3SMFfSdShR%2F7t3YDC%2B9LbJud85p5%2FejCXrUa2ld%2Bt1Qhl0gyggMgx6pCf7AennUUiEVFHci%2BNQxb7X9uhgTdk6pRkbJvewYOOH8TNl4%2BkEsuFsmrHxZAQEElM6LhzQapty65TYwIuxcKcc1wWaMcvFVpevMC2LA%2BmeuX4U9n3cp9cUVMnzotFwIWrLnQLZDG1KUJXTb6drXTWS1qgwOS9w81HleM6skS2g0uQKaMmLg9OiAqt2xjqoau0UhuD8aCfO7kZoiW5O77U7oGD4sVNWq1Ig5Czq4soNWiwX8zbQRRtGgxWkQRTCE68lJBtjKmXhCzIutcBM%2BwDVzAc0PcVH8hGS%2FNUOwk6nqV2880NFsFbzATiWc2es%2Bi0EV%2FDveUGH6eUKaZSSI4H53vcPC53OgdQBAAA%3D&ct=2&r=303855 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=19374f99-d6db-4f7b-a4fe-72bf20b05602; TDCPM=CAEYBSgCMgsI3KHso_Lg_TwQBTgB
Source: global traffic	HTTP traffic detected: GET /quota?ct=0 HTTP/1.1Host: q-aus1.clicktale.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.quantserve.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/0.7.32/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /exist?v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64 HTTP/1.1Host: srm.bf.contentsquare.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=903&dpuuid=19374f99-d6db-4f7b-a4fe-72bf20b05602 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594
Source: global traffic	HTTP traffic detected: GET /microsoft/lp_ada_enhancements-prod.css HTTP/1.1Host: static-assets.fs.liveperson.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://publisher.liveperson.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1175&gdpr=0&dpuuid=sG6TrOVtl_6rPJ_4vmyK-rE5lKyrbcT64GGDOunU HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590
Source: global traffic	HTTP traffic detected: GET /v2/recording?rt=5&rst=1716503809443&let=1716503810460&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&ri=1&ct=2 HTTP/1.1Host: k-aus1.clicktale.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=903&dpuuid=19374f99-d6db-4f7b-a4fe-72bf20b05602 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1175&gdpr=0&dpuuid=sG6TrOVtl_6rPJ_4vmyK-rE5lKyrbcT64GGDOunU HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595
Source: global traffic	HTTP traffic detected: GET /i.match?p=b13&u=72378840570020671911577873055171083719&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=3047&dpuuid=5987F6E2F7C141&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595
Source: global traffic	HTTP traffic detected: GET /z/i.match?p=b13&u=72378840570020671911577873055171083719&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP/1.1Host: s.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=a2noeUP3rTnCiAyVqEeyKcytXR4VTnNG17qWAhk4
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=3047&dpuuid=5987F6E2F7C141&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595
Source: global traffic	HTTP traffic detected: GET /cms?partner_id=ADOBE&_hosted_id=72378840570020671911577873055171083719&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=22054 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588
Source: global traffic	HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=72378840570020671911577873055171083719&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=22054 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608
Source: global traffic	HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=72378840570020671911577873055171083719&gdpr=0&gdpr_consent=&uid=72378840570020671911577873055171083719&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBAnFT2YCENDRNj3bpcbRkTnRWeLFmRkFEgEBAQEWUWZZZtwr0iMA_eMAAA&S=AQAAApIiPj3t1um2hYKYmn8RpCE
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=53196&dpuuid=Q7697902171003068425 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-OSLqy1tE2pEYvXmujNgAsL7LbLsq.VOxt4c-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=57282&dpuuid=74046702784C14D49B7C5540D1970004 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593
Source: global traffic	HTTP traffic detected: GET /dmp/adobe/user?dd_uuid=72378840570020671911577873055171083719 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=53196&dpuuid=Q7697902171003068425 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-OSLqy1tE2pEYvXmujNgAsL7LbLsq.VOxt4c-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=49276&dpuuid=24da9327-a94f-478f-bdc7-88d8e65f4ad5 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597
Source: global traffic	HTTP traffic detected: GET /getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: dmpsync.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=57282&dpuuid=74046702784C14D49B7C5540D1970004 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597
Source: global traffic	HTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: dmpsync.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4032393584120932514922; tluid=4032393584120932514922
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=49276&dpuuid=24da9327-a94f-478f-bdc7-88d8e65f4ad5 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973
Source: global traffic	HTTP traffic detected: GET /dv/sync?tid=6 HTTP/1.1Host: ag.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=72352&dpuuid=4032393584120932514922&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973
Source: global traffic	HTTP traffic detected: GET /CookieSyncAdobe HTTP/1.1Host: rtb.adentifi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=80742&dpuuid=32d85a54-20a8-4a6d-8b5d-0219223327c9 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973\|81309-1-1716503822668
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=72352&dpuuid=4032393584120932514922&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973\|81309-1-1716503822668\|121998-1-1716503823593
Source: global traffic	HTTP traffic detected: GET /map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=72378840570020671911577873055171083719?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP/1.1Host: sync.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=80742&dpuuid=32d85a54-20a8-4a6d-8b5d-0219223327c9 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973\|81309-1-1716503822668\|121998-1-1716503823593
Source: global traffic	HTTP traffic detected: GET /map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=72378840570020671911577873055171083719?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP/1.1Host: sync.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_cc=ctst
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.analytics-web-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://developer.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /meversion?partner=MSDev-Community&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://developer.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_430.2.dr	String found in binary or memory: "//www.linkedin.com/shareArticle?mini=true&url=" + equals www.linkedin.com (Linkedin)
Source: chromecache_430.2.dr	String found in binary or memory: url: "//www.facebook.com/share.php?u=" + h, equals www.facebook.com (Facebook)
Source: chromecache_669.2.dr	String found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_669.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=oA(a,c,e);P(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return P(122),!0;if(d&&f){for(var m=Nb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},rA=function(){var a=[],b=function(c){return tb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_669.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")\|\|RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_669.2.dr	String found in binary or memory: var TB=function(a,b,c,d,e){var f=Mz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Mz("fsl","nv.ids",[]):Mz("fsl","ids",[]);if(!g.length)return!0;var h=Rz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);P(121);if("https://www.facebook.com/tr/"===m)return P(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!yy(h,zy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: trq21files6468h65fdtr65g67h85deploy869.pages.dev
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: theflavorsomejourney.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: c.s-microsoft.com
Source: global traffic	DNS traffic detected: DNS query: js.monitor.azure.com
Source: global traffic	DNS traffic detected: DNS query: mem.gfx.ms
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: support.content.office.net
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: assets.onestore.ms
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: global traffic	DNS traffic detected: DNS query: microsoftwindows.112.2o7.net
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: lptag.liveperson.net
Source: global traffic	DNS traffic detected: DNS query: lpcdn.lpsnmedia.net
Source: global traffic	DNS traffic detected: DNS query: accdn.lpsnmedia.net
Source: global traffic	DNS traffic detected: DNS query: publisher.liveperson.net
Source: global traffic	DNS traffic detected: DNS query: www.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: d.impactradius-event.com
Source: global traffic	DNS traffic detected: DNS query: cdnssl.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: analytics.tiktok.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: mscom.demdex.net
Source: global traffic	DNS traffic detected: DNS query: msftenterprise.sc.omtrdc.net
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: idsync.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: ats.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: rtd.tubemogul.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: rtd-tm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: idpix.media6degrees.com
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: static-assets.fs.liveperson.com
Source: global traffic	DNS traffic detected: DNS query: q-aus1.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: c.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: match.adsrvr.org
Source: global traffic	DNS traffic detected: DNS query: srm.bf.contentsquare.net
Source: global traffic	DNS traffic detected: DNS query: k-aus1.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: cms.quantserve.com
Source: global traffic	DNS traffic detected: DNS query: s.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: servedby.flashtalking.com
Source: global traffic	DNS traffic detected: DNS query: va.v.liveperson.net
Source: global traffic	DNS traffic detected: DNS query: a.tribalfusion.com
Source: global traffic	DNS traffic detected: DNS query: s.tribalfusion.com
Source: global traffic	DNS traffic detected: DNS query: cms.analytics.yahoo.com
Source: global traffic	DNS traffic detected: DNS query: px.owneriq.net
Source: global traffic	DNS traffic detected: DNS query: ups.analytics.yahoo.com
Source: global traffic	DNS traffic detected: DNS query: jadserve.postrelease.com
Source: global traffic	DNS traffic detected: DNS query: ds.reson8.com
Source: global traffic	DNS traffic detected: DNS query: bttrack.com
Source: global traffic	DNS traffic detected: DNS query: dmpsync.3lift.com
Source: global traffic	DNS traffic detected: DNS query: ag.innovid.com
Source: global traffic	DNS traffic detected: DNS query: rtb.adentifi.com
Source: global traffic	DNS traffic detected: DNS query: sync.crwdcntrl.net
Source: global traffic	DNS traffic detected: DNS query: sync-tm.everesttech.net

Source: unknown

HTTP traffic detected: POST /report/v4?s=bU7FsCbYTb8NykO7uyXX2oMBBPZ2ECJcRn4sAzdeKr%2BdxVyQbM0OVbmDfmVHUv4T0NVgQe8zeCzwfx18Bm7MxqiD7WQTnnZ548Jlvd3GAnu87JSB3wJn0B%2BchmHCT3DQkkZ4sZnp4kfkZZyG2dGNqG%2BUBs6CoS8%2BJaSsPhNZqJt9STw%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 491Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 23 May 2024 22:36:52 GMTContent-Type: text/plain; charset=UTF-8Content-Length: 42Connection: close

Source: chromecache_594.2.dr	String found in binary or memory: http://aka.ms/corebenefits
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: chromecache_458.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_458.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_499.2.dr	String found in binary or memory: http://github.com/aFarkas/lazysizes
Source: chromecache_632.2.dr, chromecache_517.2.dr, chromecache_693.2.dr, chromecache_431.2.dr	String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_615.2.dr	String found in binary or memory: http://github.com/requirejs/domReady
Source: chromecache_615.2.dr	String found in binary or memory: http://github.com/requirejs/requirejs/LICENSE
Source: chromecache_664.2.dr	String found in binary or memory: http://img-prod-cms-rt-microsoft-com.akamaized.net/launch/store/launch-ENf7805d09fd1b455883333cdf34e
Source: chromecache_716.2.dr, chromecache_618.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: chromecache_494.2.dr, chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: http://schema.org/Organization
Source: chromecache_381.2.dr, chromecache_698.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_716.2.dr, chromecache_618.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_635.2.dr	String found in binary or memory: https://MicrosoftAdvertising.com/support
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: chromecache_494.2.dr	String found in binary or memory: https://accdn.lpsnmedia.net
Source: chromecache_669.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_669.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js
Source: chromecache_635.2.dr	String found in binary or memory: https://aka.ms/28808
Source: chromecache_594.2.dr	String found in binary or memory: https://aka.ms/SVAFAQ
Source: chromecache_635.2.dr	String found in binary or memory: https://aka.ms/educationsales
Source: chromecache_494.2.dr	String found in binary or memory: https://aka.ms/edusupport
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-manageaddress
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-manageusers
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-payment
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-privacystatement
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-recentorders
Source: chromecache_494.2.dr	String found in binary or memory: https://aka.ms/yourcaliforniaprivacychoices
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: chromecache_494.2.dr	String found in binary or memory: https://analytics.tiktok.com
Source: chromecache_420.2.dr	String found in binary or memory: https://api.company-target.com/api/v2/ip.json?key=70aff8023e038d56ea636f68e5c5922b
Source: chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://assets.onestore.ms
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.0/css/mwf-west-european-default.min.c
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: chromecache_638.2.dr	String found in binary or memory: https://axios-http.com
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: chromecache_569.2.dr	String found in binary or memory: https://breeze.aimon.applicationinsights.io
Source: chromecache_535.2.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=12681
Source: chromecache_535.2.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=3334
Source: chromecache_535.2.dr	String found in binary or memory: https://bugzil.la/548397
Source: chromecache_535.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=277178
Source: chromecache_535.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=308064
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.perf.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.ppe.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.production.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.staging.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Source: chromecache_494.2.dr	String found in binary or memory: https://cdnssl.clicktale.net
Source: chromecache_494.2.dr	String found in binary or memory: https://cdnssl.clicktale.net/www32/ptc/05d32363-d534-4d93-9b65-cde674775e71.js
Source: chromecache_635.2.dr	String found in binary or memory: https://checkout.office.com/acquire/purchase
Source: chromecache_635.2.dr	String found in binary or memory: https://checkout.office.com/acquire/purchase/
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: chromecache_594.2.dr	String found in binary or memory: https://community.powerbi.com/
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: chromecache_494.2.dr	String found in binary or memory: https://d.impactradius-event.com
Source: chromecache_569.2.dr	String found in binary or memory: https://dc-int.services.visualstudio.com
Source: chromecache_569.2.dr	String found in binary or memory: https://dc.services.visualstudio.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: chromecache_535.2.dr	String found in binary or memory: https://dev.azure.com/mscomdev/Moray/_workitems/edit/4494
Source: chromecache_535.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/key/Key_Values
Source: chromecache_594.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles/Alert_Role
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: chromecache_535.2.dr	String found in binary or memory: https://elad.medium.com/css-position-sticky-how-it-really-works-54cd01dc2d46
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: chromecache_718.2.dr, chromecache_639.2.dr, chromecache_475.2.dr, chromecache_531.2.dr, chromecache_701.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: chromecache_638.2.dr	String found in binary or memory: https://github.com/axios/axios.git
Source: chromecache_638.2.dr	String found in binary or memory: https://github.com/axios/axios/issues
Source: chromecache_394.2.dr	String found in binary or memory: https://github.com/carhartl/jquery-cookie
Source: chromecache_716.2.dr, chromecache_618.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/es-shims/es5-shim/issues/150
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/kitcambridge/es5-shim/commit/4f738ac066346
Source: chromecache_534.2.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/mozilla/rhino/issues/346
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/tc39/proposal-array-filtering
Source: chromecache_718.2.dr, chromecache_639.2.dr, chromecache_475.2.dr, chromecache_531.2.dr, chromecache_701.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_718.2.dr, chromecache_639.2.dr, chromecache_701.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/w3c/aria-practices/pull/1757
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.26.0/LICENSE
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.27.2/LICENSE
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/1128
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/1130
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/475
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/677
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/86#issuecomment-115759028
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: chromecache_494.2.dr, chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net
Source: chromecache_494.2.dr, chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: chromecache_535.2.dr	String found in binary or memory: https://javascript.info/size-and-scroll-window#width-height-of-the-document
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: chromecache_703.2.dr, chromecache_718.2.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_703.2.dr, chromecache_718.2.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_703.2.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_494.2.dr	String found in binary or memory: https://js.monitor.azure.com
Source: chromecache_635.2.dr	String found in binary or memory: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: chromecache_535.2.dr	String found in binary or memory: https://keycode.info/table-of-all-keycodes
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: chromecache_521.2.dr	String found in binary or memory: https://login.live.com/Me.srf?wa
Source: chromecache_494.2.dr	String found in binary or memory: https://login.live.com/me.srf?wa=wsignin1.0
Source: chromecache_395.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_521.2.dr	String found in binary or memory: https://login.microsoftonline.com/forgetuser
Source: chromecache_521.2.dr	String found in binary or memory: https://login.microsoftonline.com/savedusers?appid
Source: chromecache_521.2.dr	String found in binary or memory: https://login.microsoftonline.com/uxlogout?appid
Source: chromecache_395.2.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_494.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net
Source: chromecache_506.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le/apps/campaigns/1.15.0-release_1226688692/img/engagementWindow/no-imag
Source: chromecache_635.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_unified_window/10.13.0.5-release_5314/resources/icons/desktop/sprites
Source: chromecache_635.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_unified_window/9.12.0.19-release_4769/resources/loader_on_warmGray5_7
Source: chromecache_494.2.dr	String found in binary or memory: https://lptag.liveperson.net
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Source: chromecache_635.2.dr	String found in binary or memory: https://mcraa.fs.liveperson.com/messaging-agent-availability/api/account/60270350/getSkillAvailabili
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: chromecache_494.2.dr, chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://mem.gfx.ms
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: chromecache_638.2.dr	String found in binary or memory: https://microsoftit.pkgs.visualstudio.com/OneITVSO/_packaging/CSM-SITES-AEMFoundations/npm/registry/
Source: chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://microsoftwindows.112.2o7.net
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: chromecache_494.2.dr	String found in binary or memory: https://office.com/systemrequirements
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://onedrive.live.com/about/en-us/
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://outlook.live.com/owa/
Source: chromecache_669.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: chromecache_494.2.dr	String found in binary or memory: https://products.office.com/en-us/free-productivity-apps
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://products.office.com/en-us/home
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://products.office.com/en-us/microsoft-teams/free?icid=SSM_AS_Promo_Apps_MicrosoftTeams
Source: chromecache_494.2.dr	String found in binary or memory: https://products.office.com/microsoft-office-for-home-and-school-faq#cd6f27d6-3bb0-22a8-9228-1385af8
Source: chromecache_494.2.dr	String found in binary or memory: https://publisher.liveperson.net
Source: chromecache_494.2.dr	String found in binary or memory: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m3
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: chromecache_638.2.dr	String found in binary or memory: https://s7d2.scene7.com/is/image/microsoftcorp/mwf-placeholder
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: chromecache_494.2.dr	String found in binary or memory: https://schema.org
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: chromecache_635.2.dr	String found in binary or memory: https://signup-local.azure.com/
Source: chromecache_635.2.dr	String found in binary or memory: https://signup-staging.azure.com/
Source: chromecache_635.2.dr	String found in binary or memory: https://signup.azure.com/
Source: chromecache_703.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: chromecache_594.2.dr	String found in binary or memory: https://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.css
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css?c=7
Source: chromecache_669.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_635.2.dr	String found in binary or memory: https://stores.office.com/
Source: chromecache_635.2.dr	String found in binary or memory: https://stores.office.com/subscription/acquire
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ar-sa/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/cs-cz/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/da-dk/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/de-ch/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/de-de/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ae/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ca/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-gb/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ie/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-in/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ng/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_494.2.dr	String found in binary or memory: https://support.office.com/en-us/article/accounts-in-office-628ea040-f265-49de-b986-be09c3ebf8a9
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-us/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_494.2.dr	String found in binary or memory: https://support.office.com/en-us/article/what-s-new-in-office-365-95c8d81d-08ba-42c1-914f-bca4603e14
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-za/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-cl/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-co/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-es/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-mx/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/fi-fi/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/fr-ch/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/fr-fr/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/he-il/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/hu-hu/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/id-id/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/it-it/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ja-jp/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ko-kr/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/nb-no/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/nl-nl/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/pl-pl/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/pt-br/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/pt-pt/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ru-ru/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/sk-sk/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/sv-se/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/th-th/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/tr-tr/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/vi-vn/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/zh-cn/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/zh-hk/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/zh-tw/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.xbox.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot-aec
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype-
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.every
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.filter
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.find
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.findIndex
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.foreach
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.includes
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.indexof
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.map
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.push
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.some
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.splice
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-arrayspeciescreate
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-getmethod
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-hasownproperty
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-isarray
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-iscallable
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-isconstructor
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-isregexp
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-lengthofarraylike
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-math.trunc
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.create
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.defineproperties
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.defineproperty
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.entries
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.getownpropertydescriptor
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.getownpropertynames
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.keys
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.prototype.propertyisenumerable
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.prototype.tostring
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.values
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-ordinarytoprimitive
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-parseint-string-radix
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-requireobjectcoercible
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.includes
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.trim
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.trimend
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.trimstart
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-tointegerorinfinity
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-tolength
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-toobject
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-toprimitive
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-topropertykey
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: chromecache_494.2.dr	String found in binary or memory: https://templates.office.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.c
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/-EBq-current.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/Z5BR-network.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/_Fm7-alert.mp3
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/cross.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/def.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/kxFy-clip.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/microsoft.png
Source: chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/minimize.jpeg
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/nOxp-sett.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/okPE-vs.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/qsbs-firewall.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/s-S4-acc.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/stop.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/uZbx-si.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/virus-images.jpeg
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: chromecache_523.2.dr	String found in binary or memory: https://ussearchprod.trafficmanager.net/services/api/v1.0/store/categories
Source: chromecache_635.2.dr	String found in binary or memory: https://va.idp.liveperson.net
Source: chromecache_635.2.dr	String found in binary or memory: https://va.msg.liveperson.net
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: chromecache_594.2.dr	String found in binary or memory: https://www.21vbluecloud.com/dynamics365/
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: chromecache_494.2.dr	String found in binary or memory: https://www.clarity.ms
Source: chromecache_565.2.dr	String found in binary or memory: https://www.clarity.ms/tag/uet/
Source: chromecache_669.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-JNCVPNG0V6
Source: chromecache_669.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_594.2.dr	String found in binary or memory: https://www.microsoftestore.com.hk/partner?locale=zh_HK
Source: chromecache_635.2.dr	String found in binary or memory: https://www.microsoftstore.com.cn/
Source: chromecache_494.2.dr	String found in binary or memory: https://www.office.com/?auth=1
Source: chromecache_494.2.dr	String found in binary or memory: https://www.office.com/?auth=2
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://www.onenote.com/
Source: chromecache_494.2.dr, chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://www.skype.com/en/
Source: chromecache_520.2.dr	String found in binary or memory: https://www.xbox.com/
Source: chromecache_494.2.dr	String found in binary or memory: https://www.xbox.com/en-us/games/store/pc-game-pass/cfq7ttc0kgq8?icid=CNavAllPCGamePass
Source: chromecache_494.2.dr	String found in binary or memory: https://www.xbox.com/en-us/games/store/xbox-game-pass-ultimate/cfq7ttc0khs0?icid=CNavAllXboxGamePass
Source: chromecache_669.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 57680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56954
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56953
Source: unknown	Network traffic detected: HTTP traffic on port 57536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57497
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 57576 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57707
Source: unknown	Network traffic detected: HTTP traffic on port 57577 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57709
Source: unknown	Network traffic detected: HTTP traffic on port 57422 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57704
Source: unknown	Network traffic detected: HTTP traffic on port 56937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57497 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56981
Source: unknown	Network traffic detected: HTTP traffic on port 57560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57714
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 57575 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 57420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57573
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57575
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57576
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57692
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 57681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 57526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 57593 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57577
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57578
Source: unknown	Network traffic detected: HTTP traffic on port 57664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57584
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57580
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 57548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 57525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 57686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57589
Source: unknown	Network traffic detected: HTTP traffic on port 57647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57593
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57590
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 57618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 57658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 56896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 57508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 57607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57529
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57522
Source: unknown	Network traffic detected: HTTP traffic on port 57533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57644
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57525
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57531
Source: unknown	Network traffic detected: HTTP traffic on port 57562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57653
Source: unknown	Network traffic detected: HTTP traffic on port 57671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57417
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57659
Source: unknown	Network traffic detected: HTTP traffic on port 57516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57419
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57654
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57540
Source: unknown	Network traffic detected: HTTP traffic on port 57619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57420
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57542
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57422
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57664
Source: unknown	Network traffic detected: HTTP traffic on port 57424 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57548
Source: unknown	Network traffic detected: HTTP traffic on port 57601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57549
Source: unknown	Network traffic detected: HTTP traffic on port 56952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57423
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57544
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57424
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57425
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57547
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57551
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57552
Source: unknown	Network traffic detected: HTTP traffic on port 57509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57675
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57425 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57671
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 57606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56905
Source: unknown	Network traffic detected: HTTP traffic on port 57549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57419 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57559
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57557
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57562
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57683
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57560
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57682
Source: unknown	Network traffic detected: HTTP traffic on port 57580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57607
Source: unknown	Network traffic detected: HTTP traffic on port 57546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57609
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57604
Source: unknown	Network traffic detected: HTTP traffic on port 56954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57606
Source: unknown	Network traffic detected: HTTP traffic on port 57684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57721
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57602
Source: unknown	Network traffic detected: HTTP traffic on port 57626 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57578 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57618
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57619
Source: unknown	Network traffic detected: HTTP traffic on port 57417 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57614
Source: unknown	Network traffic detected: HTTP traffic on port 57589 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57616
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57612
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56891
Source: unknown	Network traffic detected: HTTP traffic on port 57561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57573 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57508
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57629
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57509
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57626
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57627
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57621
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57745
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57621 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 57650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 57528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57636
Source: unknown	Network traffic detected: HTTP traffic on port 57423 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57639
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57635
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57644 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57521
Source: unknown	Network traffic detected: HTTP traffic on port 57556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57584 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56981 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Spam, unwanted Advertisements and Ransom Demands

Yara detected TechSupportScam

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.0.pages.csv, type: HTML

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\sets.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\manifest.fingerprint	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\Google.Widevine.CDM.dll	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\manifest.fingerprint	Jump to behavior

Deletes files inside the Windows folder

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_1900_1488550624

Jump to behavior

PE file contains more sections than normal

Source: Google.Widevine.CDM.dll.0.dr

Static PE information: Number of sections : 12 > 10

Source: classification engine

Classification label: mal60.phis.win@40/647@196/56

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=2160,i,415542738888079574,9444747772087432228,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=2160,i,415542738888079574,9444747772087432228,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:

Binary string: Google.Widevine.CDM.dll.pdb source: Google.Widevine.CDM.dll.0.dr

PE file contains sections with non-standard names

Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .00cfg
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .gxfg
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .retplne
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .voltbl
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: _RDATA

Drops PE files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\Google.Widevine.CDM.dll

Jump to dropped file

Drops PE files to the windows directory (C:\Windows)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\Google.Widevine.CDM.dll

Jump to dropped file

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.186.68	unknown	United States	15169	GOOGLEUS	false
13.107.246.42	part-0014.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.228	unknown	United States	15169	GOOGLEUS	false
3.225.240.85	srm.bf.contentsquare.net	United States	14618	AMAZON-AESUS	false
104.18.24.173	s.tribalfusion.com	United States	13335	CLOUDFLARENETUS	false
63.33.74.9	sync.crwdcntrl.net	United States	16509	AMAZON-02US	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false
54.77.171.181	c.ba.contentsquare.net	United States	16509	AMAZON-02US	false
35.71.131.137	match.adsrvr.org	United States	237	MERIT-AS-14US	false
54.83.114.132	rtb.adentifi.com	United States	14618	AMAZON-AESUS	false
63.140.62.17	msftenterprise.sc.omtrdc.net	United States	15224	OMNITUREUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
192.229.221.185	cs1227.wpc.alphacdn.net	United States	15133	EDGECASTUS	false
52.56.121.62	aragorn-prod-uk-acai-lb.inbake.com	United States	16509	AMAZON-02US	false
152.199.21.175	sni1gl.wpc.alphacdn.net	United States	15133	EDGECASTUS	false
91.228.74.159	global.px.quantserve.com	United Kingdom	27281	QUANTCASTUS	false
35.244.174.68	idsync.rlcdn.com	United States	15169	GOOGLEUS	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false
52.16.8.109	dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	United States	16509	AMAZON-02US	false
216.58.212.164	www.google.com	United States	15169	GOOGLEUS	false
216.58.206.34	googleads.g.doubleclick.net	United States	15169	GOOGLEUS	false
108.138.7.18	d1xbuscas8tetl.cloudfront.net	United States	16509	AMAZON-02US	false
13.107.213.67	part-0039.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
52.212.88.72	unknown	United States	16509	AMAZON-02US	false
157.240.252.35	star-mini.c10r.facebook.com	United States	32934	FACEBOOKUS	false
54.197.98.44	unknown	United States	14618	AMAZON-AESUS	false
18.66.147.58	dh1y47vf5ttia.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
104.17.24.14	cdnjs.cloudflare.com	United States	13335	CLOUDFLARENETUS	false
34.224.59.111	q-aus1.contentsquare.net	United States	14618	AMAZON-AESUS	false
104.18.25.173	a.tribalfusion.com	United States	13335	CLOUDFLARENETUS	false
34.204.105.123	k.bf.contentsquare.net	United States	14618	AMAZON-AESUS	false
13.107.213.45	part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
63.140.62.222	unknown	United States	15224	OMNITUREUS	false
52.21.91.143	unknown	United States	14618	AMAZON-AESUS	false
142.250.185.66	cm.g.doubleclick.net	United States	15169	GOOGLEUS	false
3.75.62.37	ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud	United States	16509	AMAZON-02US	false
212.1.211.36	theflavorsomejourney.com	United States	47583	AS-HOSTINGERLT	false
52.49.110.165	unknown	United States	16509	AMAZON-02US	false
188.114.97.3	trq21files6468h65fdtr65g67h85deploy869.pages.dev	European Union	13335	CLOUDFLARENETUS	false
66.235.152.156	adobetarget.data.adobedc.net	United States	15224	OMNITUREUS	false
54.85.171.103	dco-ats-00-1519508033.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
13.107.246.67	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
151.101.129.229	jsdelivr.map.fastly.net	United States	54113	FASTLYUS	false
3.71.149.231	unknown	United States	16509	AMAZON-02US	false
13.107.246.60	part-0032.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
151.101.1.192	liveperson.map.fastly.net	United States	54113	FASTLYUS	false
185.89.210.82	ib.anycast.adnxs.com	Germany	29990	ASN-APPNEXUS	false
18.215.226.206	unknown	United States	14618	AMAZON-AESUS	false
192.132.33.68	bttrack.com	United States	18568	BIDTELLECTUS	false
76.223.111.18	eu-eb2.3lift.com	United States	16509	AMAZON-02US	false
104.244.42.67	unknown	United States	13414	TWITTERUS	false
104.244.42.3	s.twitter.com	United States	13414	TWITTERUS	false
104.18.11.207	stackpath.bootstrapcdn.com	United States	13335	CLOUDFLARENETUS	false
35.186.249.72	d.impactradius-event.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4
192.168.2.5

Contacted Domains

Name	IP	Active
jsdelivr.map.fastly.net	151.101.129.229	true
s.tribalfusion.com	104.18.24.173	true
cs1100.wpc.omegacdn.net	152.199.23.37	true
global.px.quantserve.com	91.228.74.159	true
sni1gl.wpc.alphacdn.net	152.199.21.175	true
theflavorsomejourney.com	212.1.211.36	true
eu-eb2.3lift.com	76.223.111.18	true
bttrack.com	192.132.33.68	true
part-0039.t-0009.t-msedge.net	13.107.213.67	true
adobetarget.data.adobedc.net	66.235.152.156	true
dco-ats-00-1519508033.us-east-1.elb.amazonaws.com	54.85.171.103	true
part-0017.t-0009.t-msedge.net	13.107.213.45	true
idsync.rlcdn.com	35.244.174.68	true
c.ba.contentsquare.net	54.77.171.181	true
ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud	3.75.62.37	true
sync.crwdcntrl.net	63.33.74.9	true
cdnjs.cloudflare.com	104.17.24.14	true
part-0014.t-0009.t-msedge.net	13.107.246.42	true
cm.g.doubleclick.net	142.250.185.66	true
rtb.adentifi.com	54.83.114.132	true
www.google.com	216.58.212.164	true
cs1227.wpc.alphacdn.net	192.229.221.185	true
d.impactradius-event.com	35.186.249.72	true
liveperson.map.fastly.net	151.101.1.192	true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com	52.16.8.109	true
msftenterprise.sc.omtrdc.net	63.140.62.17	true
match.adsrvr.org	35.71.131.137	true
aragorn-prod-uk-acai-lb.inbake.com	52.56.121.62	true
stackpath.bootstrapcdn.com	104.18.11.207	true
star-mini.c10r.facebook.com	157.240.252.35	true
a.nel.cloudflare.com	35.190.80.1	true
trq21files6468h65fdtr65g67h85deploy869.pages.dev	188.114.97.3	true
s.twitter.com	104.244.42.3	true
microsoftwindows.112.2o7.net	63.140.62.17	true
maxcdn.bootstrapcdn.com	104.18.11.207	true
part-0032.t-0009.t-msedge.net	13.107.246.60	true
k.bf.contentsquare.net	34.204.105.123	true
q-aus1.contentsquare.net	34.224.59.111	true
srm.bf.contentsquare.net	3.225.240.85	true
googleads.g.doubleclick.net	216.58.206.34	true
a.tribalfusion.com	104.18.25.173	true
dh1y47vf5ttia.cloudfront.net	18.66.147.58	true
ib.anycast.adnxs.com	185.89.210.82	true
d1xbuscas8tetl.cloudfront.net	108.138.7.18	true
js.monitor.azure.com	unknown	unknown
ats.everesttech.net	unknown	unknown
ag.innovid.com	unknown	unknown
idpix.media6degrees.com	unknown	unknown
va.v.liveperson.net	unknown	unknown
px.owneriq.net	unknown	unknown
cm.everesttech.net	unknown	unknown
static-assets.fs.liveperson.com	unknown	unknown
jadserve.postrelease.com	unknown	unknown
dmpsync.3lift.com	unknown	unknown
accdn.lpsnmedia.net	unknown	unknown
rtd.tubemogul.com	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
logincdn.msftauth.net	unknown	unknown
px.ads.linkedin.com	unknown	unknown
identity.nel.measure.office.net	unknown	unknown
cms.analytics.yahoo.com	unknown	unknown
sync-tm.everesttech.net	unknown	unknown
lpcdn.lpsnmedia.net	unknown	unknown
c.clicktale.net	unknown	unknown
cdn.jsdelivr.net	unknown	unknown
ds.reson8.com	unknown	unknown
assets.onestore.ms	unknown	unknown
ups.analytics.yahoo.com	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown
q-aus1.clicktale.net	unknown	unknown
s.clarity.ms	unknown	unknown
publisher.liveperson.net	unknown	unknown
cdnssl.clicktale.net	unknown	unknown
dpm.demdex.net	unknown	unknown
rtd-tm.everesttech.net	unknown	unknown
servedby.flashtalking.com	unknown	unknown
www.facebook.com	unknown	unknown
k-aus1.clicktale.net	unknown	unknown
www.clarity.ms	unknown	unknown
www.linkedin.com	unknown	unknown
mscom.demdex.net	unknown	unknown
mem.gfx.ms	unknown	unknown
analytics.twitter.com	unknown	unknown
c.s-microsoft.com	unknown	unknown
cms.quantserve.com	unknown	unknown
support.content.office.net	unknown	unknown
analytics.tiktok.com	unknown	unknown
ib.adnxs.com	unknown	unknown
login.microsoftonline.com	unknown	unknown
lptag.liveperson.net	unknown	unknown
acctcdn.msftauth.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTkQABoNCP6Jv7IGEgUI6AcQAEIASgA	false	Avira URL Cloud: safe	unknown
https://cdnssl.clicktale.net/ptc/05d32363-d534-4d93-9b65-cde674775e71.js	false	URL Reputation: safe	unknown
https://cdnssl.clicktale.net/www/bridge-WR110.js	false	URL Reputation: safe	unknown
about:blank	false	Avira URL Cloud: safe	unknown
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTk=	false	Avira URL Cloud: safe	unknown
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0	false	URL Reputation: safe	unknown
https://mem.gfx.ms/scripts/me/MeControl/10.24086.4/en-US/meCore.min.js	false	Avira URL Cloud: safe	unknown
https://mscom.demdex.net/dest5.html?d_nsid=0	false	URL Reputation: safe	unknown
https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	false		unknown
https://rtb.adentifi.com/CookieSyncAdobe	false	URL Reputation: safe	unknown
https://mem.gfx.ms/scripts/me/MeControl/10.24086.4/en-US/meBoot.min.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/FetchSessions_Core_IjgrZlvKzcbjDk5QwpFvYA2.js	false	Avira URL Cloud: safe	unknown
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID	false	URL Reputation: safe	unknown
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-OSLqy1tE2pEYvXmujNgAsL7LbLsq.VOxt4c-~A	false	Avira URL Cloud: safe	unknown
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=72378840570020671911577873055171083719?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}	false	Avira URL Cloud: safe	unknown
https://c.clicktale.net/pageEvent?value=H4sIAAAAAAAAA3POz0vLTLdSCErNSU0sTo03MjAyNjA1NAQA5ZGESRgAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&r=713652	false	Avira URL Cloud: safe	unknown
https://analytics.twitter.com/i/adsct?p_user_id=72378840570020671911577873055171083719&p_id=38594	false	Avira URL Cloud: safe	unknown

AV Detection

Antivirus / Scanner detection for submitted sample

Source: http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/	Avira URL Cloud: detection malicious, Label: phishing
Source: http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/	SlashNext: detection malicious, Label: Scareware type: Phishing & Social Engineering

Phishing

Yara detected TechSupportScam

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.0.pages.csv, type: HTML

AI detected suspicious javascript

Source: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/

Form action URLs do not match main URL

HTTP Parser: Form action: https://www.microsoft.com/cascadeauth/account/signin-oidc live microsoft

Found iframes

HTTP Parser: Iframe src: https://login.live.com/Me.htm?v=3

HTML body contains low number of good links

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: Number of links: 0
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: Title: Redirecting does not match URL
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: Title: Continue does not match URL

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: No favicon
Source: https://support.microsoft.com/en-us/silentsigninhandler	HTTP Parser: No favicon
Source: https://login.microsoftonline.com/savedusers?appid=ee272b19-4411-433f-8f28-5c13cb6fd407&wreply=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&uaid=746ba4c3-b1e5-4328-fb1e-71381d8a12cd&partnerId=smcconvergence&idpflag=proxy	HTTP Parser: No favicon
Source: https://fpt.microsoft.com/tags?session_id=973db2fe-578c-45cf-98bc-7eeca87fd29e	HTTP Parser: No favicon
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: No favicon
Source: https://www.microsoft.com/cascadeauth/store/account/silentauth?auth=None	HTTP Parser: No favicon
Source: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	HTTP Parser: No favicon
Source: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	HTTP Parser: No favicon
Source: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales	HTTP Parser: No favicon
Source: https://developer.microsoft.com/en-us/	HTTP Parser: No favicon
Source: https://developer.microsoft.com/en-us/	HTTP Parser: No favicon

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=638521005611787462.MDg4MmZiYmUtNWZiMS00OWMzLWEzOGEtOGM5NGFlYTcyYWQ2OTY5YjI4YTctYzM1MC00YWRkLWE0NGQtZmI5NDQxNGIzZDk5&prompt=none&nopa=2&state=CfDJ8CiTzr73KWNFsUGcHEnPeJpjUT68RJZjz8Soj6loQzkSiYTKac59r9tNCocOAbAX1tGuN6RLZl63Xj0onz-qrtPimVSKycmSoGosFIvIFacqYF8BDrTkcXM4FQ9UYjrErvO17B9KEBkvXG9qmnxOffa2pFF0jDsJj3Dv4islrSkELB6gPYRXpYUvmMYRQLvolUiboGyWYIPNYrLy1OfDty3LpU52jeYh0cy9VRvQTvld3MBbi8aLlEhlhb7rVRRkcbFmFlrIheR7l-V7lnQ_5WYE0kMxRAYznDIXG9Fdt7AJ1DS_zrVBxNuo17v-2tjBxnYhBUl1f3WzqtcRljyIW4uXLHE-0Qe7Tc5ZbVJFvR-u&x-client-SKU=ID_NET6_0&x-client-ver=6.35.0.0	HTTP Parser: No <meta name="copyright".. found
Source: https://login.live.com/oauth20_authorize.srf?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&scope=openid+profile+offline_access&redirect_uri=https%3a%2f%2fwww.microsoft.com%2fcascadeauth%2faccount%2fsignin-oidc&response_type=code&state=CfDJ8ErKcMLaah5Eq24B2tGmvfzDArIJvB_LkIf-WnRgOzYxDNrlnSz09mv2v2tVjZO9MGm7f80kMbOGKlTjNFTMei8x2KvjX__V1rv26S69rSaYvuUha5sDvLJHQ_ByaIJIgwiLnu_pvd1J5cLP9CTxsjPEa_2gPQ2cbqrZl7tgpfdEeZS4tOeKinQ3RBEKCZ8rR840OlmkRdqihfk210etXMuV-jToY38Xkt58xMVgvRaiVy_dyzZFj88r7iSL2BKENOlDNrMcnpOHLJLD_JfcZBIYDtihzI-d8f6LDLkEO6HrHpdX7CZ0Y8-VbDtXeyJUn9C6RJ6rsmfrVqROT7rIpCfndun4NfFRDiS8YTOKk5DIrNjkGHEpZbiiXxjVL_C0DltKYZC7clipB58vgFY7Nqa_cN-aGwjYfzuRBGLyM2Sla0mCdPx2cJinRU04qEU3BEv9ivTFXrLF-Qj_Dj6l2-FMK9xyqyWBySV4cKOriBHWJGb-b5j1VfCPkWOm4egOMoR-Rbpam7lhzIsTCLDit_s&response_mode=form_post&nonce=638521005992226987.NDlhZGNjOTItZjA2MC00MGUzLWFmOGYtNzEzYWI5MzdhMmY1NzI5MDVhMDUtMjZmZC00YTU2LWJkNmYtNDM3MmYzOWM0MDBl&prompt=none&code_challenge=InRczbx87LKRZjPsaTvOaP6WqlhXU7EvOr5SRXnVJCE&code_challenge_method=S256&x-cl...	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Source:

Binary string: Google.Widevine.CDM.dll.pdb source: Google.Widevine.CDM.dll.0.dr

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:49732 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:56886 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:57377 -> 1.1.1.1:53

Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.221.95
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: trq21files6468h65fdtr65g67h85deploy869.pages.devConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://trq21files6468h65fdtr65g67h85deploy869.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1Host: stackpath.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://trq21files6468h65fdtr65g67h85deploy869.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/stars2.html HTTP/1.1Host: trq21files6468h65fdtr65g67h85deploy869.pages.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://trq21files6468h65fdtr65g67h85deploy869.pages.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1Host: maxcdn.bootstrapcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://trq21files6468h65fdtr65g67h85deploy869.pages.devsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /meversion?partner=SMCConvergence&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/me/MeControl/10.24086.4/en-US/meBoot.min.js HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.shared.analytics.mectrl-3.gbl.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /meversion?partner=SMCConvergence&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/FetchSessions_Core_IjgrZlvKzcbjDk5QwpFvYA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.shared.analytics.mectrl-3.gbl.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/me/MeControl/10.24086.4/en-US/meBoot.min.js HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/me/MeControl/10.24086.4/en-US/meCore.min.js HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://support.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://support.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /16.000/content/js/MeControl_v6QmZT1KIHvYorogrcRgqA2.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /mscc/lib/v2/wcp-consent.js HTTP/1.1Host: wcpstatic.microsoft.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MC1=GUID=749eee6039c5489b9db3000c7ab3f399&HASH=749e&LV=202310&V=4&LU=1696413236917; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE; MS0=fd15699f2c63443491f747f9a545ba9d; ak_bmsc=0CB1935048BEA155827AA6E6EDA31FF5~000000000000000000000000000000~YAAQjmQQAq4FmIaPAQAAybqYpxfN9X/sJsP/IL6zKjmmgDVkY5U3v4iGF/U5OZv5RXhoo8zjM1DlTKQMsiVE3VYHfd0Rl9tPvsWu0tz0U6NETkhe1/pE20W3Qj4zMvd31Rig6wNyRyH85ccMG4ihYYteFGfeDvFhWR9vpvbJO2hn6CkqAXAF3fjdYM6/StylOGJcZ01tI3uZHts5nWk8NhxwpgPFdZJWW17wXku90fCCLZLeCoJxGMQCmc8JxfWF4LN3Kcp/TkMZcdaPt+CBLrM6U5CmTeEPKx4tXEdXv4xf/UFy1/1KjBP6ciltjRG//0KrWveyznfnY+T5INt+67Cjj1QJs1BQxlxR6aXX8YqMiO1VKK4n57ycl0eH
Source: global traffic	HTTP traffic detected: GET /meversion?partner=OfficeProducts&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /www32/ptc/05d32363-d534-4d93-9b65-cde674775e71.js HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m365-en-us&buttons=lpChatSales HTTP/1.1Host: publisher.liveperson.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1716503801998 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.analytics-web-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://publisher.liveperson.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /A1133099-331c-4cdf-89b0-06dc20e168021.js HTTP/1.1Host: d.impactradius-event.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ptc/05d32363-d534-4d93-9b65-cde674775e71.js HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=72660298351804206001531652407700886728&ts=1716503803011 HTTP/1.1Host: msftenterprise.sc.omtrdc.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: mscom.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1716503801998 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&d_mid=72660298351804206001531652407700886728&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=MC1%01749eee6039c5489b9db3000c7ab3f399%012&ts=1716503804106 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: /Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=72660298351804206001531652407700886728&ts=1716503803011 HTTP/1.1Host: msftenterprise.sc.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /365868.gif?partner_uid=72378840570020671911577873055171083719 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1000.gif?memo=CKyqFhIxCi0IARCYEhomNzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTkQABoNCP6Jv7IGEgUI6AcQAEIASgA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=LeVVnUyTmNA3U2ykaICJw+5tKjzmC9uDsEHjABqijs8=; pxrc=CAA=
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=OVgvsJk18m_6KbgXp1P3_MDjDWR-gNl2SWh7HnpRYXgMrgq0lrmrhEdAvBxHr-6LIPxgAtZ3lQ0AfwBMfao4jB_CiXWGLiKlLwesmCVJQpc.; receive-cookie-deprecation=1; uuid2=7757911967533041082
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTk= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rest/v1/delivery?client=microsoftmscompoc&sessionId=5ffd710930574ea08a00a15e67000b16&version=2.4.0 HTTP/1.1Host: target.microsoft.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MC1=GUID=749eee6039c5489b9db3000c7ab3f399&HASH=749e&LV=202310&V=4&LU=1696413236917; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE; MS0=fd15699f2c63443491f747f9a545ba9d; ak_bmsc=0CB1935048BEA155827AA6E6EDA31FF5~000000000000000000000000000000~YAAQjmQQAq4FmIaPAQAAybqYpxfN9X/sJsP/IL6zKjmmgDVkY5U3v4iGF/U5OZv5RXhoo8zjM1DlTKQMsiVE3VYHfd0Rl9tPvsWu0tz0U6NETkhe1/pE20W3Qj4zMvd31Rig6wNyRyH85ccMG4ihYYteFGfeDvFhWR9vpvbJO2hn6CkqAXAF3fjdYM6/StylOGJcZ01tI3uZHts5nWk8NhxwpgPFdZJWW17wXku90fCCLZLeCoJxGMQCmc8JxfWF4LN3Kcp/TkMZcdaPt+CBLrM6U5CmTeEPKx4tXEdXv4xf/UFy1/1KjBP6ciltjRG//0KrWveyznfnY+T5INt+67Cjj1QJs1BQxlxR6aXX8YqMiO1VKK4n57ycl0eH; fptctx2=H3ihr9e92IdW6yd1ZgQ9SyoufAf2k3o4JywpA2nh2nOi1AvIQZ3Ykxhpnew6ecz4A4O8YYBfHg3xMw4gAepW%252bIBg4FOQpbiRMnyQZCuLJMsOAEdB4toSY8%252flXvBLeaDOA2%252bZIQhNkkOEMlTw1PWtSKI9JyeMr90CACzyvJV1aSdhl2oV4TZkTWJbAh8y%252fzphyxUkT8l90pSzCHTVgbelOv4gVn4TT3YxgmcHx0G8wUbUNg4xBT8lUIE4euRb7K6MKe0AaedZwwJu5vXqShkM4lZe2r9dF5A2O%252f%252foUzvkJwomf3WerrFVAR7GjwO8VbRVWayKPamgPtWIekmevzKYTA%253d%253d; MSCC=NR; _cs_c=0; at_check=true; AMCVS_EA76ADE95776D2EC7F000101%40AdobeOrg=1; IR_gbd=microsoft.com; IR_7593=1716503803218%7C0%7C1716503803218%7C%7C; mbox=session#5ffd710930574ea08a00a15e67000b16#1716505663\|PC#5ffd710930574ea08a00a15e67000b16.37_0#1750690504; AMCV_EA76ADE95776D2EC7F000101%40AdobeOrg=1585540135%7CMCIDTS%7C19867%7CMCMID%7C72660298351804206001531652407700886728%7CMCAAMLH-1717108605%7C6%7CMCAAMB-1717108605%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C435590578%7CMCOPTOUT-1716511005s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&d_mid=72660298351804206001531652407700886728&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=MC1%01749eee6039c5489b9db3000c7ab3f399%012&ts=1716503804106 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=1770559986549030&ev=PixelInitialized&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/viewthroughconversion/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products&data=ecomm_pagetype%3Dcategory HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ats/ats?cmd=RT&AdvertiserID=4249&platform=TUMRI&ActionID=20114&ActionName=Microsoft_Store_RT_Pixel&ut1=&ut2=en&ut3=us&cachebuster=202908449 HTTP/1.1Host: ats.everesttech.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tr?id=undefined&ev=PageView&dpo=LDU&dpoco=0&dpost=0&ts=1716503802203 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=477&dpuuid=be4b5e6f6269a023e59a45b762759084e594b199f79e6e18cdd11f2dfe61bca5b0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=358&dpuuid=7757911967533041082 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzIzNzg4NDA1NzAwMjA2NzE5MTE1Nzc4NzMwNTUxNzEwODM3MTk=&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Zk-FAAAAAM8F5gN6 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591
Source: global traffic	HTTP traffic detected: GET /ats/ats?cmd=RT&AdvertiserID=4249&platform=TUMRI&ActionID=20114&ActionName=Microsoft_Store_RT_Pixel&ut1=&ut2=en&ut3=us&cachebuster=202908449 HTTP/1.1Host: ats.everesttech.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: everest_g_v2=g_surferid~Zk-FAAAAAKilnwpG
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products&data=ecomm_pagetype%3Dcategory&is_vtc=1&cid=CAQSGwDaQooLtVEYjG7zmLoJgdIeMMrTDjH5o-bbKw&random=844679743 HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pcc/05d32363-d534-4d93-9b65-cde674775e71.js?DeploymentConfigName=Release_20230511&Version=2 HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=477&dpuuid=be4b5e6f6269a023e59a45b762759084e594b199f79e6e18cdd11f2dfe61bca5b0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591; dpm=72378840570020671911577873055171083719
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=358&dpuuid=7757911967533041082 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEBK54gN4zjgIohiLq_KbTgY&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Zk-FAAAAAKilnwpG HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Zk-FAAAAAM8F5gN6 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /www/bridge-WR110.js HTTP/1.1Host: cdnssl.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pagead/1p-user-list/923371515/?guid=ON&script=0&url=www.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products&data=ecomm_pagetype%3Dcategory&is_vtc=1&cid=CAQSGwDaQooLtVEYjG7zmLoJgdIeMMrTDjH5o-bbKw&random=844679743 HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=992&dpuuid=s4y749by9xbx HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670
Source: global traffic	HTTP traffic detected: GET /i/adsct?p_user_id=72378840570020671911577873055171083719&p_id=38594 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEBK54gN4zjgIohiLq_KbTgY&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Zk-FAAAAAKilnwpG HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598
Source: global traffic	HTTP traffic detected: GET /microsoft/lp_ada_enhancements-prod.js HTTP/1.1Host: static-assets.fs.liveperson.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://publisher.liveperson.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/4000034?insights=1 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /i/adsct?p_user_id=72378840570020671911577873055171083719&p_id=38594 HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_FIfC9jS/elpG+zqJcGWKOg=="
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=992&dpuuid=s4y749by9xbx HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598
Source: global traffic	HTTP traffic detected: GET /track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pageview?ex=&pvt=n&la=en-US&uc=0&url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbuy%2Fcompare-all-microsoft-365-products%3Focid%3Dcmmibbws4d3&dr=&dw=1263&dh=11133&ww=1280&wh=907&sw=1280&sh=1024&uu=c5618302-fdc5-a614-8275-d152865b9a64&sn=1&hd=1716503809&v=13.89.2&pid=2422&pn=1&r=787156 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pageEvent?value=H4sIAAAAAAAAAwsIcVZwD%2FV0UahRMDBNMTYyNjPWTTE1NtE1SbE01rVMMjPVTU5JNTM3MTc3TTU3BAC5OujJLwAAAA%3D%3D&ct=2&isETR=false&isCustomHashId=false&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&r=615088 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pageEvent?value=H4sIAAAAAAAAA3POz0vLTLdSCErNSU0sTo03MjAyNjA1NAQA5ZGESRgAAAA%3D&ct=2&isETR=false&isCustomHashId=false&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&r=713652 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dvar?v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&dv=H4sIAAAAAAAAA1WQUU%2FCMBSF%2F8rNXtBII2NsE9%2FKJEjigIwSjYSQrq3SMFfSdShR%2F7t3YDC%2B9LbJud85p5%2FejCXrUa2ld%2Bt1Qhl0gyggMgx6pCf7AennUUiEVFHci%2BNQxb7X9uhgTdk6pRkbJvewYOOH8TNl4%2BkEsuFsmrHxZAQEElM6LhzQapty65TYwIuxcKcc1wWaMcvFVpevMC2LA%2BmeuX4U9n3cp9cUVMnzotFwIWrLnQLZDG1KUJXTb6drXTWS1qgwOS9w81HleM6skS2g0uQKaMmLg9OiAqt2xjqoau0UhuD8aCfO7kZoiW5O77U7oGD4sVNWq1Ig5Czq4soNWiwX8zbQRRtGgxWkQRTCE68lJBtjKmXhCzIutcBM%2BwDVzAc0PcVH8hGS%2FNUOwk6nqV2880NFsFbzATiWc2es%2Bi0EV%2FDveUGH6eUKaZSSI4H53vcPC53OgdQBAAA%3D&ct=2&r=303855 HTTP/1.1Host: c.clicktale.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=19374f99-d6db-4f7b-a4fe-72bf20b05602; TDCPM=CAEYBSgCMgsI3KHso_Lg_TwQBTgB
Source: global traffic	HTTP traffic detected: GET /quota?ct=0 HTTP/1.1Host: q-aus1.clicktale.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.quantserve.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/0.7.32/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /exist?v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64 HTTP/1.1Host: srm.bf.contentsquare.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=903&dpuuid=19374f99-d6db-4f7b-a4fe-72bf20b05602 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594
Source: global traffic	HTTP traffic detected: GET /microsoft/lp_ada_enhancements-prod.css HTTP/1.1Host: static-assets.fs.liveperson.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://publisher.liveperson.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1175&gdpr=0&dpuuid=sG6TrOVtl_6rPJ_4vmyK-rE5lKyrbcT64GGDOunU HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590
Source: global traffic	HTTP traffic detected: GET /v2/recording?rt=5&rst=1716503809443&let=1716503810460&v=13.89.2&pid=2422&pn=1&sn=1&uu=c5618302-fdc5-a614-8275-d152865b9a64&ri=1&ct=2 HTTP/1.1Host: k-aus1.clicktale.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=903&dpuuid=19374f99-d6db-4f7b-a4fe-72bf20b05602 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1175&gdpr=0&dpuuid=sG6TrOVtl_6rPJ_4vmyK-rE5lKyrbcT64GGDOunU HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=375E6F2E0D8F6B9C2CEB7C8E098F6DFE HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595
Source: global traffic	HTTP traffic detected: GET /i.match?p=b13&u=72378840570020671911577873055171083719&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=3047&dpuuid=5987F6E2F7C141&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595
Source: global traffic	HTTP traffic detected: GET /z/i.match?p=b13&u=72378840570020671911577873055171083719&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP/1.1Host: s.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=a2noeUP3rTnCiAyVqEeyKcytXR4VTnNG17qWAhk4
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=3047&dpuuid=5987F6E2F7C141&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595
Source: global traffic	HTTP traffic detected: GET /cms?partner_id=ADOBE&_hosted_id=72378840570020671911577873055171083719&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=22054 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588
Source: global traffic	HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=72378840570020671911577873055171083719&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=22054 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608
Source: global traffic	HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=72378840570020671911577873055171083719&gdpr=0&gdpr_consent=&uid=72378840570020671911577873055171083719&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBAnFT2YCENDRNj3bpcbRkTnRWeLFmRkFEgEBAQEWUWZZZtwr0iMA_eMAAA&S=AQAAApIiPj3t1um2hYKYmn8RpCE
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=53196&dpuuid=Q7697902171003068425 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-OSLqy1tE2pEYvXmujNgAsL7LbLsq.VOxt4c-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=57282&dpuuid=74046702784C14D49B7C5540D1970004 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593
Source: global traffic	HTTP traffic detected: GET /dmp/adobe/user?dd_uuid=72378840570020671911577873055171083719 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=53196&dpuuid=Q7697902171003068425 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-OSLqy1tE2pEYvXmujNgAsL7LbLsq.VOxt4c-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=49276&dpuuid=24da9327-a94f-478f-bdc7-88d8e65f4ad5 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597
Source: global traffic	HTTP traffic detected: GET /getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: dmpsync.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=57282&dpuuid=74046702784C14D49B7C5540D1970004 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597
Source: global traffic	HTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: dmpsync.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4032393584120932514922; tluid=4032393584120932514922
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=49276&dpuuid=24da9327-a94f-478f-bdc7-88d8e65f4ad5 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973
Source: global traffic	HTTP traffic detected: GET /dv/sync?tid=6 HTTP/1.1Host: ag.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=72352&dpuuid=4032393584120932514922&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973
Source: global traffic	HTTP traffic detected: GET /CookieSyncAdobe HTTP/1.1Host: rtb.adentifi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=80742&dpuuid=32d85a54-20a8-4a6d-8b5d-0219223327c9 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973\|81309-1-1716503822668
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=72352&dpuuid=4032393584120932514922&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973\|81309-1-1716503822668\|121998-1-1716503823593
Source: global traffic	HTTP traffic detected: GET /map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=72378840570020671911577873055171083719?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP/1.1Host: sync.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=80742&dpuuid=32d85a54-20a8-4a6d-8b5d-0219223327c9 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=72378840570020671911577873055171083719; dpm=72378840570020671911577873055171083719; dextp=358-1-1716503804179\|477-1-1716503804630\|771-1-1716503805868\|782-1-1716503806591\|992-1-1716503807670\|1123-1-1716503808598\|903-1-1716503809593\|1175-1-1716503810594\|1957-1-1716503811590\|3047-1-1716503812595\|22054-1-1716503813595\|30646-1-1716503814588\|53196-1-1716503815608\|38117-1-1716503816707\|57282-1-1716503817827\|49276-1-1716503818593\|72352-1-1716503819597\|80742-1-1716503821973\|81309-1-1716503822668\|121998-1-1716503823593
Source: global traffic	HTTP traffic detected: GET /map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=72378840570020671911577873055171083719?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP/1.1Host: sync.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_cc=ctst
Source: global traffic	HTTP traffic detected: GET /scripts/c/ms.analytics-web-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://developer.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /meversion?partner=MSDev-Community&market=en-us&uhf=1 HTTP/1.1Host: mem.gfx.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://developer.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_430.2.dr	String found in binary or memory: "//www.linkedin.com/shareArticle?mini=true&url=" + equals www.linkedin.com (Linkedin)
Source: chromecache_430.2.dr	String found in binary or memory: url: "//www.facebook.com/share.php?u=" + h, equals www.facebook.com (Facebook)
Source: chromecache_669.2.dr	String found in binary or memory: Math.round(p);u["gtm.videoCurrentTime"]=Math.round(q);u["gtm.videoElapsedTime"]=Math.round(f);u["gtm.videoPercent"]=r;u["gtm.videoVisible"]=t;return u},bk:function(){e=Db()},pd:function(){d()}}};var ic=ma(["data-gtm-yt-inspected-"]),GC=["www.youtube.com","www.youtube-nocookie.com"],HC,IC=!1; equals www.youtube.com (Youtube)
Source: chromecache_669.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=oA(a,c,e);P(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return P(122),!0;if(d&&f){for(var m=Nb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},rA=function(){var a=[],b=function(c){return tb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_669.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Wg:d,Ug:e,Vg:f,Lh:g,Mh:h,xe:m,Ab:b},p=G.YT,q=function(){OC(n)};if(p)return p.ready&&p.ready(q),b;var r=G.onYouTubeIframeAPIReady;G.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),v=t.length,u=0;u<v;u++){var w=t[u].getAttribute("src");if(RC(w,"iframe_api")\|\|RC(w,"player_api"))return b}for(var y=H.getElementsByTagName("iframe"),x=y.length,B=0;B<x;B++)if(!IC&&PC(y[B],n.xe))return yc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_669.2.dr	String found in binary or memory: var TB=function(a,b,c,d,e){var f=Mz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Mz("fsl","nv.ids",[]):Mz("fsl","ids",[]);if(!g.length)return!0;var h=Rz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);P(121);if("https://www.facebook.com/tr/"===m)return P(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!yy(h,zy(b, equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: trq21files6468h65fdtr65g67h85deploy869.pages.dev
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: stackpath.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: maxcdn.bootstrapcdn.com
Source: global traffic	DNS traffic detected: DNS query: theflavorsomejourney.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: c.s-microsoft.com
Source: global traffic	DNS traffic detected: DNS query: js.monitor.azure.com
Source: global traffic	DNS traffic detected: DNS query: mem.gfx.ms
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: support.content.office.net
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: assets.onestore.ms
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: global traffic	DNS traffic detected: DNS query: microsoftwindows.112.2o7.net
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: lptag.liveperson.net
Source: global traffic	DNS traffic detected: DNS query: lpcdn.lpsnmedia.net
Source: global traffic	DNS traffic detected: DNS query: accdn.lpsnmedia.net
Source: global traffic	DNS traffic detected: DNS query: publisher.liveperson.net
Source: global traffic	DNS traffic detected: DNS query: www.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: d.impactradius-event.com
Source: global traffic	DNS traffic detected: DNS query: cdnssl.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: analytics.tiktok.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: mscom.demdex.net
Source: global traffic	DNS traffic detected: DNS query: msftenterprise.sc.omtrdc.net
Source: global traffic	DNS traffic detected: DNS query: www.facebook.com
Source: global traffic	DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: idsync.rlcdn.com
Source: global traffic	DNS traffic detected: DNS query: px.ads.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: ats.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic	DNS traffic detected: DNS query: rtd.tubemogul.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: rtd-tm.everesttech.net
Source: global traffic	DNS traffic detected: DNS query: idpix.media6degrees.com
Source: global traffic	DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic	DNS traffic detected: DNS query: static-assets.fs.liveperson.com
Source: global traffic	DNS traffic detected: DNS query: q-aus1.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: c.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: match.adsrvr.org
Source: global traffic	DNS traffic detected: DNS query: srm.bf.contentsquare.net
Source: global traffic	DNS traffic detected: DNS query: k-aus1.clicktale.net
Source: global traffic	DNS traffic detected: DNS query: cms.quantserve.com
Source: global traffic	DNS traffic detected: DNS query: s.clarity.ms
Source: global traffic	DNS traffic detected: DNS query: servedby.flashtalking.com
Source: global traffic	DNS traffic detected: DNS query: va.v.liveperson.net
Source: global traffic	DNS traffic detected: DNS query: a.tribalfusion.com
Source: global traffic	DNS traffic detected: DNS query: s.tribalfusion.com
Source: global traffic	DNS traffic detected: DNS query: cms.analytics.yahoo.com
Source: global traffic	DNS traffic detected: DNS query: px.owneriq.net
Source: global traffic	DNS traffic detected: DNS query: ups.analytics.yahoo.com
Source: global traffic	DNS traffic detected: DNS query: jadserve.postrelease.com
Source: global traffic	DNS traffic detected: DNS query: ds.reson8.com
Source: global traffic	DNS traffic detected: DNS query: bttrack.com
Source: global traffic	DNS traffic detected: DNS query: dmpsync.3lift.com
Source: global traffic	DNS traffic detected: DNS query: ag.innovid.com
Source: global traffic	DNS traffic detected: DNS query: rtb.adentifi.com
Source: global traffic	DNS traffic detected: DNS query: sync.crwdcntrl.net
Source: global traffic	DNS traffic detected: DNS query: sync-tm.everesttech.net

Source: unknown

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 23 May 2024 22:36:52 GMTContent-Type: text/plain; charset=UTF-8Content-Length: 42Connection: close

Source: chromecache_594.2.dr	String found in binary or memory: http://aka.ms/corebenefits
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
Source: chromecache_458.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_458.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_499.2.dr	String found in binary or memory: http://github.com/aFarkas/lazysizes
Source: chromecache_632.2.dr, chromecache_517.2.dr, chromecache_693.2.dr, chromecache_431.2.dr	String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_615.2.dr	String found in binary or memory: http://github.com/requirejs/domReady
Source: chromecache_615.2.dr	String found in binary or memory: http://github.com/requirejs/requirejs/LICENSE
Source: chromecache_664.2.dr	String found in binary or memory: http://img-prod-cms-rt-microsoft-com.akamaized.net/launch/store/launch-ENf7805d09fd1b455883333cdf34e
Source: chromecache_716.2.dr, chromecache_618.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0A
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0C
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://ocsp.digicert.com0X
Source: chromecache_494.2.dr, chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: http://schema.org/Organization
Source: chromecache_381.2.dr, chromecache_698.2.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: Google.Widevine.CDM.dll.0.dr	String found in binary or memory: http://www.digicert.com/CPS0
Source: chromecache_716.2.dr, chromecache_618.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_635.2.dr	String found in binary or memory: https://MicrosoftAdvertising.com/support
Source: sets.json.0.dr	String found in binary or memory: https://abczdrowie.pl
Source: chromecache_494.2.dr	String found in binary or memory: https://accdn.lpsnmedia.net
Source: chromecache_669.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_669.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js
Source: chromecache_635.2.dr	String found in binary or memory: https://aka.ms/28808
Source: chromecache_594.2.dr	String found in binary or memory: https://aka.ms/SVAFAQ
Source: chromecache_635.2.dr	String found in binary or memory: https://aka.ms/educationsales
Source: chromecache_494.2.dr	String found in binary or memory: https://aka.ms/edusupport
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-manageaddress
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-manageusers
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-payment
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-privacystatement
Source: chromecache_638.2.dr	String found in binary or memory: https://aka.ms/mac-recentorders
Source: chromecache_494.2.dr	String found in binary or memory: https://aka.ms/yourcaliforniaprivacychoices
Source: sets.json.0.dr	String found in binary or memory: https://alice.tw
Source: chromecache_494.2.dr	String found in binary or memory: https://analytics.tiktok.com
Source: chromecache_420.2.dr	String found in binary or memory: https://api.company-target.com/api/v2/ip.json?key=70aff8023e038d56ea636f68e5c5922b
Source: chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://assets.onestore.ms
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.0/css/mwf-west-european-default.min.c
Source: sets.json.0.dr	String found in binary or memory: https://autobild.de
Source: chromecache_638.2.dr	String found in binary or memory: https://axios-http.com
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Source: sets.json.0.dr	String found in binary or memory: https://baomoi.com
Source: sets.json.0.dr	String found in binary or memory: https://bild.de
Source: sets.json.0.dr	String found in binary or memory: https://blackrock.com
Source: sets.json.0.dr	String found in binary or memory: https://blackrockadvisorelite.it
Source: sets.json.0.dr	String found in binary or memory: https://bluradio.com
Source: sets.json.0.dr	String found in binary or memory: https://bolasport.com
Source: sets.json.0.dr	String found in binary or memory: https://bonvivir.com
Source: chromecache_569.2.dr	String found in binary or memory: https://breeze.aimon.applicationinsights.io
Source: chromecache_535.2.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=12681
Source: chromecache_535.2.dr	String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=3334
Source: chromecache_535.2.dr	String found in binary or memory: https://bugzil.la/548397
Source: chromecache_535.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=277178
Source: chromecache_535.2.dr	String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=308064
Source: sets.json.0.dr	String found in binary or memory: https://bumbox.com
Source: sets.json.0.dr	String found in binary or memory: https://businessinsider.com.pl
Source: sets.json.0.dr	String found in binary or memory: https://cachematrix.com
Source: sets.json.0.dr	String found in binary or memory: https://cafemedia.com
Source: sets.json.0.dr	String found in binary or memory: https://caracoltv.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.be
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://carcostadvisor.fr
Source: sets.json.0.dr	String found in binary or memory: https://cardsayings.net
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.perf.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.ppe.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.production.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_638.2.dr	String found in binary or memory: https://cart.staging.store-web.dynamics.com/cart/v1.0/cart/loadCart
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://cdn.jsdelivr.net/npm/bootstrap
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Source: chromecache_494.2.dr	String found in binary or memory: https://cdnssl.clicktale.net
Source: chromecache_494.2.dr	String found in binary or memory: https://cdnssl.clicktale.net/www32/ptc/05d32363-d534-4d93-9b65-cde674775e71.js
Source: chromecache_635.2.dr	String found in binary or memory: https://checkout.office.com/acquire/purchase
Source: chromecache_635.2.dr	String found in binary or memory: https://checkout.office.com/acquire/purchase/
Source: sets.json.0.dr	String found in binary or memory: https://chennien.com
Source: sets.json.0.dr	String found in binary or memory: https://clarosports.com
Source: sets.json.0.dr	String found in binary or memory: https://clmbtech.com
Source: sets.json.0.dr	String found in binary or memory: https://clubelpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://cmxd.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.com
Source: sets.json.0.dr	String found in binary or memory: https://commentcamarche.net
Source: chromecache_594.2.dr	String found in binary or memory: https://community.powerbi.com/
Source: sets.json.0.dr	String found in binary or memory: https://computerbild.de
Source: sets.json.0.dr	String found in binary or memory: https://cookreactor.com
Source: sets.json.0.dr	String found in binary or memory: https://cricbuzz.com
Source: chromecache_494.2.dr	String found in binary or memory: https://d.impactradius-event.com
Source: chromecache_569.2.dr	String found in binary or memory: https://dc-int.services.visualstudio.com
Source: chromecache_569.2.dr	String found in binary or memory: https://dc.services.visualstudio.com
Source: sets.json.0.dr	String found in binary or memory: https://desimartini.com
Source: chromecache_535.2.dr	String found in binary or memory: https://dev.azure.com/mscomdev/Moray/_workitems/edit/4494
Source: chromecache_535.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/key/Key_Values
Source: chromecache_594.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/Roles/Alert_Role
Source: sets.json.0.dr	String found in binary or memory: https://dewarmsteweek.be
Source: sets.json.0.dr	String found in binary or memory: https://economictimes.com
Source: sets.json.0.dr	String found in binary or memory: https://een.be
Source: sets.json.0.dr	String found in binary or memory: https://efront.com
Source: chromecache_535.2.dr	String found in binary or memory: https://elad.medium.com/css-position-sticky-how-it-really-works-54cd01dc2d46
Source: sets.json.0.dr	String found in binary or memory: https://eleconomista.net
Source: sets.json.0.dr	String found in binary or memory: https://elfinancierocr.com
Source: sets.json.0.dr	String found in binary or memory: https://elgrafico.com
Source: sets.json.0.dr	String found in binary or memory: https://ella.sv
Source: sets.json.0.dr	String found in binary or memory: https://elpais.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://elpais.uy
Source: sets.json.0.dr	String found in binary or memory: https://etfacademy.it
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookcloud.com
Source: sets.json.0.dr	String found in binary or memory: https://eworkbookrequest.com
Source: sets.json.0.dr	String found in binary or memory: https://fakt.pl
Source: sets.json.0.dr	String found in binary or memory: https://finn.no
Source: sets.json.0.dr	String found in binary or memory: https://firstlook.biz
Source: sets.json.0.dr	String found in binary or memory: https://gallito.com.uy
Source: chromecache_718.2.dr, chromecache_639.2.dr, chromecache_475.2.dr, chromecache_531.2.dr, chromecache_701.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: sets.json.0.dr	String found in binary or memory: https://gettalkdesk.com
Source: chromecache_638.2.dr	String found in binary or memory: https://github.com/axios/axios.git
Source: chromecache_638.2.dr	String found in binary or memory: https://github.com/axios/axios/issues
Source: chromecache_394.2.dr	String found in binary or memory: https://github.com/carhartl/jquery-cookie
Source: chromecache_716.2.dr, chromecache_618.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/es-shims/es5-shim/issues/150
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/kitcambridge/es5-shim/commit/4f738ac066346
Source: chromecache_534.2.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/mozilla/rhino/issues/346
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/tc39/proposal-array-filtering
Source: chromecache_718.2.dr, chromecache_639.2.dr, chromecache_475.2.dr, chromecache_531.2.dr, chromecache_701.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/main/LICENSE)
Source: chromecache_718.2.dr, chromecache_639.2.dr, chromecache_701.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/graphs/contributors)
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/w3c/aria-practices/pull/1757
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.26.0/LICENSE
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.27.2/LICENSE
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/1128
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/1130
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/475
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/677
Source: chromecache_535.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/issues/86#issuecomment-115759028
Source: sets.json.0.dr	String found in binary or memory: https://gliadomain.com
Source: sets.json.0.dr	String found in binary or memory: https://grid.id
Source: sets.json.0.dr	String found in binary or memory: https://gridgames.app
Source: sets.json.0.dr	String found in binary or memory: https://growthrx.in
Source: sets.json.0.dr	String found in binary or memory: https://grupolpg.sv
Source: sets.json.0.dr	String found in binary or memory: https://gujaratijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://hapara.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1.global
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.com
Source: sets.json.0.dr	String found in binary or memory: https://hc1cas.global
Source: sets.json.0.dr	String found in binary or memory: https://healthshots.com
Source: sets.json.0.dr	String found in binary or memory: https://hearty.app
Source: sets.json.0.dr	String found in binary or memory: https://hearty.gift
Source: sets.json.0.dr	String found in binary or memory: https://hearty.me
Source: sets.json.0.dr	String found in binary or memory: https://heartymail.com
Source: sets.json.0.dr	String found in binary or memory: https://hindustantimes.com
Source: sets.json.0.dr	String found in binary or memory: https://hj.rs
Source: sets.json.0.dr	String found in binary or memory: https://hjck.com
Source: sets.json.0.dr	String found in binary or memory: https://human-talk.org
Source: sets.json.0.dr	String found in binary or memory: https://idbs-cloud.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-dev.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-eworkbook.com
Source: sets.json.0.dr	String found in binary or memory: https://idbs-staging.com
Source: chromecache_494.2.dr, chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net
Source: chromecache_494.2.dr, chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Source: sets.json.0.dr	String found in binary or memory: https://indiatimes.com
Source: sets.json.0.dr	String found in binary or memory: https://iolam.it
Source: sets.json.0.dr	String found in binary or memory: https://ishares.com
Source: sets.json.0.dr	String found in binary or memory: https://jagran.com
Source: chromecache_535.2.dr	String found in binary or memory: https://javascript.info/size-and-scroll-window#width-height-of-the-document
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldesfemmes.fr
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.com
Source: sets.json.0.dr	String found in binary or memory: https://journaldunet.fr
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://joyreactor.com
Source: chromecache_703.2.dr, chromecache_718.2.dr	String found in binary or memory: https://jquery.com/
Source: chromecache_703.2.dr, chromecache_718.2.dr	String found in binary or memory: https://jquery.org/license
Source: chromecache_703.2.dr	String found in binary or memory: https://js.foundation/
Source: chromecache_494.2.dr	String found in binary or memory: https://js.monitor.azure.com
Source: chromecache_635.2.dr	String found in binary or memory: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Source: sets.json.0.dr	String found in binary or memory: https://kaksya.in
Source: chromecache_535.2.dr	String found in binary or memory: https://keycode.info/table-of-all-keycodes
Source: sets.json.0.dr	String found in binary or memory: https://kompas.com
Source: sets.json.0.dr	String found in binary or memory: https://kompas.tv
Source: sets.json.0.dr	String found in binary or memory: https://kompasiana.com
Source: sets.json.0.dr	String found in binary or memory: https://lanacion.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.com
Source: sets.json.0.dr	String found in binary or memory: https://landyrev.ru
Source: sets.json.0.dr	String found in binary or memory: https://laprensagrafica.com
Source: sets.json.0.dr	String found in binary or memory: https://lateja.cr
Source: sets.json.0.dr	String found in binary or memory: https://libero.it
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.com
Source: sets.json.0.dr	String found in binary or memory: https://linternaute.fr
Source: sets.json.0.dr	String found in binary or memory: https://livehindustan.com
Source: sets.json.0.dr	String found in binary or memory: https://livemint.com
Source: chromecache_521.2.dr	String found in binary or memory: https://login.live.com/Me.srf?wa
Source: chromecache_494.2.dr	String found in binary or memory: https://login.live.com/me.srf?wa=wsignin1.0
Source: chromecache_395.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_521.2.dr	String found in binary or memory: https://login.microsoftonline.com/forgetuser
Source: chromecache_521.2.dr	String found in binary or memory: https://login.microsoftonline.com/savedusers?appid
Source: chromecache_521.2.dr	String found in binary or memory: https://login.microsoftonline.com/uxlogout?appid
Source: chromecache_395.2.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_494.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net
Source: chromecache_506.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le/apps/campaigns/1.15.0-release_1226688692/img/engagementWindow/no-imag
Source: chromecache_635.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_unified_window/10.13.0.5-release_5314/resources/icons/desktop/sprites
Source: chromecache_635.2.dr	String found in binary or memory: https://lpcdn.lpsnmedia.net/le_unified_window/9.12.0.19-release_4769/resources/loader_on_warmGray5_7
Source: chromecache_494.2.dr	String found in binary or memory: https://lptag.liveperson.net
Source: sets.json.0.dr	String found in binary or memory: https://max.auto
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Source: chromecache_635.2.dr	String found in binary or memory: https://mcraa.fs.liveperson.com/messaging-agent-availability/api/account/60270350/getSkillAvailabili
Source: sets.json.0.dr	String found in binary or memory: https://medonet.pl
Source: chromecache_494.2.dr, chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://mem.gfx.ms
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.co.cr
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.bo
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.do
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.gt
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.hn
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ni
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pa
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.py
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.sv
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadolibre.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadolivre.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ec
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.mx
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.pe
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://mercadopago.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.cl
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.ar
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.br
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.co
Source: sets.json.0.dr	String found in binary or memory: https://mercadoshops.com.mx
Source: chromecache_638.2.dr	String found in binary or memory: https://microsoftit.pkgs.visualstudio.com/OneITVSO/_packaging/CSM-SITES-AEMFoundations/npm/registry/
Source: chromecache_605.2.dr, chromecache_497.2.dr, chromecache_542.2.dr, chromecache_647.2.dr, chromecache_587.2.dr	String found in binary or memory: https://microsoftwindows.112.2o7.net
Source: sets.json.0.dr	String found in binary or memory: https://mighty-app.appspot.com
Source: sets.json.0.dr	String found in binary or memory: https://mightytext.net
Source: sets.json.0.dr	String found in binary or memory: https://mittanbud.no
Source: sets.json.0.dr	String found in binary or memory: https://money.pl
Source: sets.json.0.dr	String found in binary or memory: https://mystudentdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://nacion.com
Source: sets.json.0.dr	String found in binary or memory: https://nidhiacademyonline.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.co
Source: sets.json.0.dr	String found in binary or memory: https://nien.com
Source: sets.json.0.dr	String found in binary or memory: https://nien.org
Source: sets.json.0.dr	String found in binary or memory: https://noticiascaracol.com
Source: sets.json.0.dr	String found in binary or memory: https://nourishingpursuits.com
Source: sets.json.0.dr	String found in binary or memory: https://o2.pl
Source: sets.json.0.dr	String found in binary or memory: https://ocdn.eu
Source: chromecache_494.2.dr	String found in binary or memory: https://office.com/systemrequirements
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://onedrive.live.com/about/en-us/
Source: sets.json.0.dr	String found in binary or memory: https://onet.pl
Source: sets.json.0.dr	String found in binary or memory: https://ottplay.com
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://outlook.live.com/owa/
Source: chromecache_669.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: sets.json.0.dr	String found in binary or memory: https://paula.com.uy
Source: sets.json.0.dr	String found in binary or memory: https://pdmp-apis.no
Source: sets.json.0.dr	String found in binary or memory: https://phonandroid.com
Source: sets.json.0.dr	String found in binary or memory: https://player.pl
Source: sets.json.0.dr	String found in binary or memory: https://plejada.pl
Source: sets.json.0.dr	String found in binary or memory: https://poalim.site
Source: sets.json.0.dr	String found in binary or memory: https://poalim.xyz
Source: sets.json.0.dr	String found in binary or memory: https://portalinmobiliario.com
Source: sets.json.0.dr	String found in binary or memory: https://prisjakt.no
Source: chromecache_494.2.dr	String found in binary or memory: https://products.office.com/en-us/free-productivity-apps
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://products.office.com/en-us/home
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://products.office.com/en-us/microsoft-teams/free?icid=SSM_AS_Promo_Apps_MicrosoftTeams
Source: chromecache_494.2.dr	String found in binary or memory: https://products.office.com/microsoft-office-for-home-and-school-faq#cd6f27d6-3bb0-22a8-9228-1385af8
Source: chromecache_494.2.dr	String found in binary or memory: https://publisher.liveperson.net
Source: chromecache_494.2.dr	String found in binary or memory: https://publisher.liveperson.net/iframe-le-tag/iframe-cs.html?lpsite=60270350&lpsection=store-m3
Source: sets.json.0.dr	String found in binary or memory: https://pudelek.pl
Source: sets.json.0.dr	String found in binary or memory: https://punjabijagran.com
Source: sets.json.0.dr	String found in binary or memory: https://radio1.be
Source: sets.json.0.dr	String found in binary or memory: https://radio2.be
Source: sets.json.0.dr	String found in binary or memory: https://reactor.cc
Source: sets.json.0.dr	String found in binary or memory: https://repid.org
Source: sets.json.0.dr	String found in binary or memory: https://reshim.org
Source: sets.json.0.dr	String found in binary or memory: https://rws1nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws2nvtvt.com
Source: sets.json.0.dr	String found in binary or memory: https://rws3nvtvt.com
Source: chromecache_638.2.dr	String found in binary or memory: https://s7d2.scene7.com/is/image/microsoftcorp/mwf-placeholder
Source: sets.json.0.dr	String found in binary or memory: https://salemoveadvisor.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovefinancial.com
Source: sets.json.0.dr	String found in binary or memory: https://salemovetravel.com
Source: sets.json.0.dr	String found in binary or memory: https://samayam.com
Source: chromecache_494.2.dr	String found in binary or memory: https://schema.org
Source: sets.json.0.dr	String found in binary or memory: https://shock.co
Source: chromecache_635.2.dr	String found in binary or memory: https://signup-local.azure.com/
Source: chromecache_635.2.dr	String found in binary or memory: https://signup-staging.azure.com/
Source: chromecache_635.2.dr	String found in binary or memory: https://signup.azure.com/
Source: chromecache_703.2.dr	String found in binary or memory: https://sizzlejs.com/
Source: sets.json.0.dr	String found in binary or memory: https://smoney.vn
Source: sets.json.0.dr	String found in binary or memory: https://songshare.com
Source: sets.json.0.dr	String found in binary or memory: https://songstats.com
Source: sets.json.0.dr	String found in binary or memory: https://sporza.be
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Source: sets.json.0.dr	String found in binary or memory: https://standardsandpraiserepurpose.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.com
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.net
Source: sets.json.0.dr	String found in binary or memory: https://startupislandtaiwan.org
Source: chromecache_594.2.dr	String found in binary or memory: https://static-assets.fs.liveperson.com/microsoft/lp_ada_enhancements-prod.css
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css?c=7
Source: chromecache_669.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_635.2.dr	String found in binary or memory: https://stores.office.com/
Source: chromecache_635.2.dr	String found in binary or memory: https://stores.office.com/subscription/acquire
Source: sets.json.0.dr	String found in binary or memory: https://stripe.com
Source: sets.json.0.dr	String found in binary or memory: https://stripe.network
Source: sets.json.0.dr	String found in binary or memory: https://stripecdn.com
Source: sets.json.0.dr	String found in binary or memory: https://supereva.it
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ar-sa/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/cs-cz/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/da-dk/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/de-ch/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/de-de/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ae/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ca/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-gb/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ie/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-in/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-ng/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_494.2.dr	String found in binary or memory: https://support.office.com/en-us/article/accounts-in-office-628ea040-f265-49de-b986-be09c3ebf8a9
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-us/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_494.2.dr	String found in binary or memory: https://support.office.com/en-us/article/what-s-new-in-office-365-95c8d81d-08ba-42c1-914f-bca4603e14
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/en-za/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-cl/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-co/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-es/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/es-mx/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/fi-fi/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/fr-ch/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/fr-fr/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/he-il/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/hu-hu/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/id-id/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/it-it/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ja-jp/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ko-kr/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/nb-no/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/nl-nl/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/pl-pl/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/pt-br/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/pt-pt/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/ru-ru/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/sk-sk/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/sv-se/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/th-th/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/tr-tr/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/vi-vn/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/zh-cn/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/zh-hk/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.office.com/zh-tw/article/get-support-or-advice-18948a4c-3eb1-4b30-b1bc-a4cc29eb7655
Source: chromecache_594.2.dr	String found in binary or memory: https://support.xbox.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskqaid.com
Source: sets.json.0.dr	String found in binary or memory: https://talkdeskstgid.com
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot-aec
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype-
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.every
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.filter
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.find
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.findIndex
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.foreach
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.includes
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.indexof
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.map
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.push
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.some
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.splice
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-arrayspeciescreate
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-getmethod
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-hasownproperty
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-isarray
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-iscallable
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-isconstructor
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-isregexp
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-lengthofarraylike
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-math.trunc
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.create
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.defineproperties
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.defineproperty
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.entries
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.getownpropertydescriptor
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.getownpropertynames
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.keys
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.prototype.propertyisenumerable
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.prototype.tostring
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-object.values
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-ordinarytoprimitive
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-parseint-string-radix
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-requireobjectcoercible
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.includes
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.trim
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.trimend
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-string.prototype.trimstart
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-tointegerorinfinity
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-tolength
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-toobject
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-toprimitive
Source: chromecache_535.2.dr	String found in binary or memory: https://tc39.es/ecma262/#sec-topropertykey
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: sets.json.0.dr	String found in binary or memory: https://teacherdashboard.com
Source: sets.json.0.dr	String found in binary or memory: https://technology-revealed.com
Source: chromecache_494.2.dr	String found in binary or memory: https://templates.office.com
Source: sets.json.0.dr	String found in binary or memory: https://textyserver.appspot.com
Source: chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.c
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/-EBq-current.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/Z5BR-network.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/_Fm7-alert.mp3
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/cross.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/def.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/kxFy-clip.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/microsoft.png
Source: chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/minimize.jpeg
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/nOxp-sett.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/okPE-vs.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/qsbs-firewall.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/s-S4-acc.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/stop.png
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/uZbx-si.png
Source: chromecache_701.2.dr	String found in binary or memory: https://theflavorsomejourney.com/coc/virus-images.jpeg
Source: sets.json.0.dr	String found in binary or memory: https://timesinternet.in
Source: sets.json.0.dr	String found in binary or memory: https://timesofindia.com
Source: sets.json.0.dr	String found in binary or memory: https://tribunnews.com
Source: sets.json.0.dr	String found in binary or memory: https://trytalkdesk.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.co
Source: sets.json.0.dr	String found in binary or memory: https://tucarro.com.ve
Source: sets.json.0.dr	String found in binary or memory: https://tvid.in
Source: sets.json.0.dr	String found in binary or memory: https://tvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://tvn24.pl
Source: sets.json.0.dr	String found in binary or memory: https://unotv.com
Source: chromecache_523.2.dr	String found in binary or memory: https://ussearchprod.trafficmanager.net/services/api/v1.0/store/categories
Source: chromecache_635.2.dr	String found in binary or memory: https://va.idp.liveperson.net
Source: chromecache_635.2.dr	String found in binary or memory: https://va.msg.liveperson.net
Source: sets.json.0.dr	String found in binary or memory: https://victorymedium.com
Source: sets.json.0.dr	String found in binary or memory: https://vrt.be
Source: sets.json.0.dr	String found in binary or memory: https://vwo.com
Source: sets.json.0.dr	String found in binary or memory: https://welt.de
Source: sets.json.0.dr	String found in binary or memory: https://wieistmeineip.de
Source: sets.json.0.dr	String found in binary or memory: https://wildix.com
Source: sets.json.0.dr	String found in binary or memory: https://wildixin.com
Source: sets.json.0.dr	String found in binary or memory: https://wingify.com
Source: sets.json.0.dr	String found in binary or memory: https://wordle.at
Source: sets.json.0.dr	String found in binary or memory: https://wp.pl
Source: sets.json.0.dr	String found in binary or memory: https://wpext.pl
Source: chromecache_594.2.dr	String found in binary or memory: https://www.21vbluecloud.com/dynamics365/
Source: sets.json.0.dr	String found in binary or memory: https://www.asadcdn.com
Source: chromecache_494.2.dr	String found in binary or memory: https://www.clarity.ms
Source: chromecache_565.2.dr	String found in binary or memory: https://www.clarity.ms/tag/uet/
Source: chromecache_669.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_557.2.dr, chromecache_669.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_701.2.dr, chromecache_648.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-JNCVPNG0V6
Source: chromecache_669.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_594.2.dr	String found in binary or memory: https://www.microsoftestore.com.hk/partner?locale=zh_HK
Source: chromecache_635.2.dr	String found in binary or memory: https://www.microsoftstore.com.cn/
Source: chromecache_494.2.dr	String found in binary or memory: https://www.office.com/?auth=1
Source: chromecache_494.2.dr	String found in binary or memory: https://www.office.com/?auth=2
Source: chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://www.onenote.com/
Source: chromecache_494.2.dr, chromecache_683.2.dr, chromecache_433.2.dr, chromecache_520.2.dr	String found in binary or memory: https://www.skype.com/en/
Source: chromecache_520.2.dr	String found in binary or memory: https://www.xbox.com/
Source: chromecache_494.2.dr	String found in binary or memory: https://www.xbox.com/en-us/games/store/pc-game-pass/cfq7ttc0kgq8?icid=CNavAllPCGamePass
Source: chromecache_494.2.dr	String found in binary or memory: https://www.xbox.com/en-us/games/store/xbox-game-pass-ultimate/cfq7ttc0khs0?icid=CNavAllXboxGamePass
Source: chromecache_669.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api
Source: sets.json.0.dr	String found in binary or memory: https://ya.ru
Source: sets.json.0.dr	String found in binary or memory: https://zalo.me
Source: sets.json.0.dr	String found in binary or memory: https://zdrowietvn.pl
Source: sets.json.0.dr	String found in binary or memory: https://zingmp3.vn

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 57680 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56954
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56953
Source: unknown	Network traffic detected: HTTP traffic on port 57536 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57497
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57559 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57616 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57507 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57639 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57547 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 57576 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57530 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57685 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57604 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57691 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57707 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57657 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57707
Source: unknown	Network traffic detected: HTTP traffic on port 57577 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57709
Source: unknown	Network traffic detected: HTTP traffic on port 57422 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57703
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57704
Source: unknown	Network traffic detected: HTTP traffic on port 56937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57628 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57497 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57609 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56981
Source: unknown	Network traffic detected: HTTP traffic on port 57560 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57696 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57541 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57714
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57529 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 57575 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 57420 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57552 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57603 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57566
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57688
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57568
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57689
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57573
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57694
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57695
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57575
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57696
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57576
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57697
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57690
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57691
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57692
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57612 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57520 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57635 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 57681 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 57526 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 57593 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57577
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57578
Source: unknown	Network traffic detected: HTTP traffic on port 57664 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57608 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57629 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57584
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57585
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57580
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 57548 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 57525 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56936
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56937
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 57686 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57531 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57589
Source: unknown	Network traffic detected: HTTP traffic on port 57647 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57692 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57593
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57590
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 57618 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 57658 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 56896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57602 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57669 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57697 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57542 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 57508 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 57607 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57526
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57647
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57527
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57528
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57529
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57522
Source: unknown	Network traffic detected: HTTP traffic on port 57533 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57644
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57525
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57585 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57650
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57530
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57531
Source: unknown	Network traffic detected: HTTP traffic on port 57562 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57694 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57653
Source: unknown	Network traffic detected: HTTP traffic on port 57671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57551 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57568 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57658
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57417
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57659
Source: unknown	Network traffic detected: HTTP traffic on port 57516 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57419
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57533
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57654
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57536
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57657
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57540
Source: unknown	Network traffic detected: HTTP traffic on port 57619 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57420
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57541
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57542
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57422
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57664
Source: unknown	Network traffic detected: HTTP traffic on port 57424 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57688 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57527 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57544 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57653 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57636 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57682 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57548
Source: unknown	Network traffic detected: HTTP traffic on port 57601 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57669
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57549
Source: unknown	Network traffic detected: HTTP traffic on port 56952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57423
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57544
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57424
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57425
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57546
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57667
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57547
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57551
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57552
Source: unknown	Network traffic detected: HTTP traffic on port 57509 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57675
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57425 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57557 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57671
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57614 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57654 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 57606 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56905
Source: unknown	Network traffic detected: HTTP traffic on port 57549 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57419 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57559
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57676
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57556
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57557
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57562
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57683
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57684
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57685
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57686
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57680
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57560
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57681
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57561
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57682
Source: unknown	Network traffic detected: HTTP traffic on port 57580 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57659 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57676 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57521 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57504 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57607
Source: unknown	Network traffic detected: HTTP traffic on port 57546 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57608
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57609
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57603
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57604
Source: unknown	Network traffic detected: HTTP traffic on port 56954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57605
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57606
Source: unknown	Network traffic detected: HTTP traffic on port 57684 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57721
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57601
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57602
Source: unknown	Network traffic detected: HTTP traffic on port 57626 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57566 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57578 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57690 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57618
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57619
Source: unknown	Network traffic detected: HTTP traffic on port 57417 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57614
Source: unknown	Network traffic detected: HTTP traffic on port 57589 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57616
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57612
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56891
Source: unknown	Network traffic detected: HTTP traffic on port 57561 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57703 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57667 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57695 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57540 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57573 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57605 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57508
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57629
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57509
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57504
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57626
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57627
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57507
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57628
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57621
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 56896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57745
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57621 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57689 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 57650 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 57528 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57522 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57683 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57636
Source: unknown	Network traffic detected: HTTP traffic on port 57423 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57516
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57639
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57627 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57635
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57644 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57520
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 57521
Source: unknown	Network traffic detected: HTTP traffic on port 57556 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57590 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57584 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 57709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 56981 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49757 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49765 version: TLS 1.2

Spam, unwanted Advertisements and Ransom Demands

Yara detected TechSupportScam

Source: Yara match	File source: 0.2.pages.csv, type: HTML
Source: Yara match	File source: 0.0.pages.csv, type: HTML

Creates files inside the system directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\sets.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\LICENSE	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_1206968993\manifest.fingerprint	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\Google.Widevine.CDM.dll	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\manifest.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\_metadata\	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\_metadata\verified_contents.json	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\manifest.fingerprint	Jump to behavior

Deletes files inside the Windows folder

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File deleted: C:\Windows\SystemTemp\chrome_BITS_1900_1488550624

Jump to behavior

PE file contains more sections than normal

Source: Google.Widevine.CDM.dll.0.dr

Static PE information: Number of sections : 12 > 10

Source: classification engine

Classification label: mal60.phis.win@40/647@196/56

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=2160,i,415542738888079574,9444747772087432228,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2216 --field-trial-handle=2160,i,415542738888079574,9444747772087432228,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source:

Binary string: Google.Widevine.CDM.dll.pdb source: Google.Widevine.CDM.dll.0.dr

PE file contains sections with non-standard names

Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .00cfg
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .gxfg
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .retplne
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: .voltbl
Source: Google.Widevine.CDM.dll.0.dr	Static PE information: section name: _RDATA

Drops PE files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\Google.Widevine.CDM.dll

Jump to dropped file

Drops PE files to the windows directory (C:\Windows)

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping1900_458205767\Google.Widevine.CDM.dll

Jump to dropped file

ID:	1446890
Product:	CloudBasic
Start time:	00:34:24
Start date:	24.05.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

Spam, unwanted Advertisements and Ransom Demands

System Summary

Data Obfuscation

Persistence and Installation Behavior

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

Spam, unwanted Advertisements and Ransom Demands

System Summary

Data Obfuscation

Persistence and Installation Behavior

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://trq21files6468h65fdtr65g67h85deploy869.pages.dev/