Windows Analysis Report
https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda

Overview

General Information

Sample URL:	https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda
Analysis ID:	1446913
Infos:

Detection

Score:	68
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus / Scanner detection for submitted sample

Phishing site detected (based on favicon image match)

AI detected suspicious javascript

Detected non-DNS traffic on DNS port

Detected suspicious crossdomain redirect

Found iframes

HTML body contains low number of good links

HTML title does not match URL

Submit button contains javascript call

Classification

Signatures

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	Avira URL Cloud: detection malicious, Label: phishing
Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social usering

Phishing

AI detected phishing page

Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda

LLM: Score: 9 brands: OneDrive Reasons: The URL 'https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda' is suspicious because it does not match the legitimate domain for OneDrive, which is 'onedrive.live.com'. The use of 'ms-1drive.com' is a common phishing technique to mimic legitimate services. The page includes a login form, which is a common tactic in phishing to steal credentials. The presence of a medical report PDF is also a social usering technique to entice users to click on the download link. DOM: 0.0.pages.csv

Phishing site detected (based on favicon image match)

Source: https://ms-1drive.com	Matcher: Template: onedrive matched with high similarity
Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	Matcher: Template: onedrive matched with high similarity

AI detected suspicious javascript

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	LLM: Score: 7 Reasons: The code attempts to break out of an iframe by replacing the top-level window's location with the current location. This behavior is often associated with phishing attempts to prevent detection and ensure the malicious content is displayed in the full browser window. Additionally, the use of 'document.write' to inject HTML can be risky as it may lead to cross-site scripting (XSS) vulnerabilities. DOM: 3.4.pages.csv
Source: https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU	LLM: Score: 7 Reasons: The code contains suspicious elements such as hardcoded URLs that appear to be related to phishing attempts, the use of obfuscated or encoded strings, and the collection of potentially sensitive information about plugins and fonts. These characteristics are often associated with malicious activities. DOM: 4.5.pages.csv
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	LLM: Score: 7 Reasons: The provided JavaScript code contains long random hexadecimal strings which are typically used for cryptographic purposes. However, the presence of such strings without context or explanation can be suspicious. The variables 'Key', 'randomNum', and 'SKI' might be used for encryption or obfuscation, which is a common technique in malicious scripts to hide their true purpose. Without further context or additional code, it is difficult to determine the exact intent, but the use of such obfuscation techniques raises a moderate to high risk of potential malicious activity. DOM: 3.4.pages.csv
Source: https://fpt2.microsoft.com/Clear.HTML?ctx=Ls1.0&wl=False&session_id=368a97c0ecf841f8bdc9940f325083c6&id=202f4ae7-3b8e-4b75-4b18-6e1e9641e2f2&w=8DC7B7BA93AC1DA&tkt=taBcrIH61PuCVH7eNCyH0K%252fD9DJ44Cptuv0RyrXgXCvIo0u9ttCEbLuRCYXcmaPsbemRxwam7Kqh9GtF9dO	LLM: Score: 7 Reasons: The code interacts with localStorage and sends potentially sensitive information (session_id, CustomerId, authKey) to external URLs. This behavior is typical of tracking but can also be used for malicious purposes such as session hijacking or data exfiltration. The use of obfuscated strings and the lack of clear documentation or context further increase the risk. DOM: 5.6.pages.csv

Found iframes

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6

HTTP Parser: Iframe src: https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU

HTML body contains low number of good links

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.live.com/login.srf	HTTP Parser: Title: Sign in to your Microsoft account does not match URL
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: Title: Create account does not match URL
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: Title: Redirecting does not match URL

Submit button contains javascript call

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();

Source: https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU	HTTP Parser: No favicon
Source: about:blank	HTTP Parser: No favicon
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: No favicon
Source: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1	HTTP Parser: No favicon

Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: No <meta name="author".. found

Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="copyright".. found
Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49716 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.6:49730 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: onedrive.live.com to https://www.microsoft.com/microsoft-365/onedrive/online-cloud-storage

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /v/794850bf-f104-442e-acb0-475634834dda HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/onedrive.css HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834ddaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/pdf.png HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834ddaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834ddaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/pdf.png HTTP/1.1Host: ms-1drive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ms-1drive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: onedrive.live.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/js/login_en_31OakWsQhbXgK7L_U0YNNw2.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /16.000.30238.3/images/favicon.ico HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /16.000.30238.3/images/favicon.ico HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /converged_ux_v2_nBE5FSqn9KpH44ZlTc3VqQ2.css?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lwsignupstringscountrybirthdate_en-us_gdxUIqa3ijrOefuBnwhTKg2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lightweightsignuppackage_xUzYzJceL8JC5cjTFIHHBQ2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px?id=1776578&t=2 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fpx%3Fid%3D1776578%26t%3D2 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=5WjnP_WkGZ_O4OjIHi9hXGUqFsqMtYENMVtLZ_4nxmgLX3ApHNCCauxPjFC8eTlriS6kxrza28F8dUlLyz8oh4q66GfJOdWJA_skstrYSno.; receive-cookie-deprecation=1; uuid2=8390600150162661499
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fpx%3Fid%3D1776578%26t%3D2 HTTP/1.1Host: secure.adnxs.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=8390600150162661499; anj=dTM7k!M4/8CxrEQF']wIg2E>9v:j>B!]tbP6j2F-XstGt!@E(1%'?oW
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_306.2.dr	String found in binary or memory: (function() { var sharingGlobalConfig ={"thumbnailUrlFormat":"https://www.bing.com/th?id={0}","defaultFormCode":"EX0023","facebookShareFormat":"https://www.facebook.com/dialog/feed?app_id={3}\u0026display=popup\u0026link={0}\u0026redirect_uri={1}\u0026ref={2}","facebookMessengerUrlFormat":"http://www.facebook.com/dialog/send?app_id={0}\u0026display=popup\u0026link={1}\u0026redirect_uri={2}","facebookFormCode":"EX0023","fbInitialHeight":576,"fbmInitialWidth":640,"facebookAppId":"3732605936979161","twitterApi":"https://twitter.com/intent/tweet?hashtags={0}\u0026text={1}\u0026url={2}","twitterFormCode":"EX0024","twitterInitialHeight":576,"twitterInitialWidth":720,"defaultInitialHeight":255,"whatsAppSchema":"whatsapp://send?text={0}","whatsAppStoreUrl":"","whatsAppFormCode":"EX0053","mailLauncherUrl":"mailto:?subject={0} \u0026body={1}","mailFormCode":"EX0025","smsProtocol":"","smsFormCode":"EX0052","loadingUrl":"/loading","useBlankLoadingPage":false,"closeRedirectUrl":"/share/fbre","pinterestUrlFormat":"https://pinterest.com/pin/create/button/?url={0}\u0026media={1}\u0026description={2}","pinterestFormCode":"EX0051","mybingFormCode":"shtomb","mybingRedirectUrl":"https://www.bing.com/myprofile?tid=id_chatmessagetab\u0026FORM=shtomb","skypeUrlFormat":"https://web.skype.com/share?url={0}\u0026source=button\u0026text={1}","skypeInitialHeight":665,"skypeInitialWidth":305,"outlookComLauncherUrl":"https://outlook.live.com/owa/?subject={0}\u0026body={1}\u0026path=/mail/action/compose","gmailLauncherUrl":"https://mail.google.com/mail/?view=cm\u0026fs=1\u0026tf=1\u0026su={0}\u0026body={1}","linkedInUrlFormat":"https://www.linkedin.com/shareArticle?mini=true\u0026url={0}\u0026title={1}\u0026summary={2}","linkedInFormCode":"EX0062","oneNoteUrlFormat":"https://www.onenote.com/clipper/save?attributionUrl={0}\u0026sourceUrl={1}\u0026imgUrl={1}\u0026title={2}\u0026description={3}","oneNoteInitialHeight":565,"oneNoteInitialWidth":550,"oneNoteFormCode":"EX0060","checkAppInstall":"","checkAppTimeout":200,"weiboShareFormat":"https://service.weibo.com/share/share.php?title={0}\u0026placeholder=Bing\u0026url={1}\u0026pic={2}","weiboFormCode":"SHDLWE","qzoneShareFormat":"https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?title={0}\u0026summary={1}\u0026url={2}\u0026pics={3}","qzoneFormCode":"SHDLQZ","isCNEnglishSearch":false,"redditShareFormat":"https://www.reddit.com/submit?url={0}\u0026title={1}","redditFormCode":"EX0061","useLocationReplace":false,"getUrlFormCode":"EX0050","enableGetShareLinkFromServerForGetUrl":true,"isUnderside":false}; if(sj_evt) { sj_evt.fire("GlobalActionMenuV2Wrapper.InitSharingGlobalConfig", sharingGlobalConfig); } })();; equals www.facebook.com (Facebook)
Source: chromecache_202.2.dr, chromecache_306.2.dr	String found in binary or memory: (function() { var sharingGlobalConfig ={"thumbnailUrlFormat":"https://www.bing.com/th?id={0}","defaultFormCode":"EX0023","facebookShareFormat":"https://www.facebook.com/dialog/feed?app_id={3}\u0026display=popup\u0026link={0}\u0026redirect_uri={1}\u0026ref={2}","facebookMessengerUrlFormat":"http://www.facebook.com/dialog/send?app_id={0}\u0026display=popup\u0026link={1}\u0026redirect_uri={2}","facebookFormCode":"EX0023","fbInitialHeight":576,"fbmInitialWidth":640,"facebookAppId":"3732605936979161","twitterApi":"https://twitter.com/intent/tweet?hashtags={0}\u0026text={1}\u0026url={2}","twitterFormCode":"EX0024","twitterInitialHeight":576,"twitterInitialWidth":720,"defaultInitialHeight":255,"whatsAppSchema":"whatsapp://send?text={0}","whatsAppStoreUrl":"","whatsAppFormCode":"EX0053","mailLauncherUrl":"mailto:?subject={0} \u0026body={1}","mailFormCode":"EX0025","smsProtocol":"","smsFormCode":"EX0052","loadingUrl":"/loading","useBlankLoadingPage":false,"closeRedirectUrl":"/share/fbre","pinterestUrlFormat":"https://pinterest.com/pin/create/button/?url={0}\u0026media={1}\u0026description={2}","pinterestFormCode":"EX0051","mybingFormCode":"shtomb","mybingRedirectUrl":"https://www.bing.com/myprofile?tid=id_chatmessagetab\u0026FORM=shtomb","skypeUrlFormat":"https://web.skype.com/share?url={0}\u0026source=button\u0026text={1}","skypeInitialHeight":665,"skypeInitialWidth":305,"outlookComLauncherUrl":"https://outlook.live.com/owa/?subject={0}\u0026body={1}\u0026path=/mail/action/compose","gmailLauncherUrl":"https://mail.google.com/mail/?view=cm\u0026fs=1\u0026tf=1\u0026su={0}\u0026body={1}","linkedInUrlFormat":"https://www.linkedin.com/shareArticle?mini=true\u0026url={0}\u0026title={1}\u0026summary={2}","linkedInFormCode":"EX0062","oneNoteUrlFormat":"https://www.onenote.com/clipper/save?attributionUrl={0}\u0026sourceUrl={1}\u0026imgUrl={1}\u0026title={2}\u0026description={3}","oneNoteInitialHeight":565,"oneNoteInitialWidth":550,"oneNoteFormCode":"EX0060","checkAppInstall":"","checkAppTimeout":200,"weiboShareFormat":"https://service.weibo.com/share/share.php?title={0}\u0026placeholder=Bing\u0026url={1}\u0026pic={2}","weiboFormCode":"SHDLWE","qzoneShareFormat":"https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?title={0}\u0026summary={1}\u0026url={2}\u0026pics={3}","qzoneFormCode":"SHDLQZ","isCNEnglishSearch":false,"redditShareFormat":"https://www.reddit.com/submit?url={0}\u0026title={1}","redditFormCode":"EX0061","useLocationReplace":false,"getUrlFormCode":"EX0050","enableGetShareLinkFromServerForGetUrl":true,"isUnderside":false}; if(sj_evt) { sj_evt.fire("GlobalActionMenuV2Wrapper.InitSharingGlobalConfig", sharingGlobalConfig); } })();; equals www.linkedin.com (Linkedin)
Source: chromecache_202.2.dr, chromecache_306.2.dr	String found in binary or memory: (function() { var sharingGlobalConfig ={"thumbnailUrlFormat":"https://www.bing.com/th?id={0}","defaultFormCode":"EX0023","facebookShareFormat":"https://www.facebook.com/dialog/feed?app_id={3}\u0026display=popup\u0026link={0}\u0026redirect_uri={1}\u0026ref={2}","facebookMessengerUrlFormat":"http://www.facebook.com/dialog/send?app_id={0}\u0026display=popup\u0026link={1}\u0026redirect_uri={2}","facebookFormCode":"EX0023","fbInitialHeight":576,"fbmInitialWidth":640,"facebookAppId":"3732605936979161","twitterApi":"https://twitter.com/intent/tweet?hashtags={0}\u0026text={1}\u0026url={2}","twitterFormCode":"EX0024","twitterInitialHeight":576,"twitterInitialWidth":720,"defaultInitialHeight":255,"whatsAppSchema":"whatsapp://send?text={0}","whatsAppStoreUrl":"","whatsAppFormCode":"EX0053","mailLauncherUrl":"mailto:?subject={0} \u0026body={1}","mailFormCode":"EX0025","smsProtocol":"","smsFormCode":"EX0052","loadingUrl":"/loading","useBlankLoadingPage":false,"closeRedirectUrl":"/share/fbre","pinterestUrlFormat":"https://pinterest.com/pin/create/button/?url={0}\u0026media={1}\u0026description={2}","pinterestFormCode":"EX0051","mybingFormCode":"shtomb","mybingRedirectUrl":"https://www.bing.com/myprofile?tid=id_chatmessagetab\u0026FORM=shtomb","skypeUrlFormat":"https://web.skype.com/share?url={0}\u0026source=button\u0026text={1}","skypeInitialHeight":665,"skypeInitialWidth":305,"outlookComLauncherUrl":"https://outlook.live.com/owa/?subject={0}\u0026body={1}\u0026path=/mail/action/compose","gmailLauncherUrl":"https://mail.google.com/mail/?view=cm\u0026fs=1\u0026tf=1\u0026su={0}\u0026body={1}","linkedInUrlFormat":"https://www.linkedin.com/shareArticle?mini=true\u0026url={0}\u0026title={1}\u0026summary={2}","linkedInFormCode":"EX0062","oneNoteUrlFormat":"https://www.onenote.com/clipper/save?attributionUrl={0}\u0026sourceUrl={1}\u0026imgUrl={1}\u0026title={2}\u0026description={3}","oneNoteInitialHeight":565,"oneNoteInitialWidth":550,"oneNoteFormCode":"EX0060","checkAppInstall":"","checkAppTimeout":200,"weiboShareFormat":"https://service.weibo.com/share/share.php?title={0}\u0026placeholder=Bing\u0026url={1}\u0026pic={2}","weiboFormCode":"SHDLWE","qzoneShareFormat":"https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?title={0}\u0026summary={1}\u0026url={2}\u0026pics={3}","qzoneFormCode":"SHDLQZ","isCNEnglishSearch":false,"redditShareFormat":"https://www.reddit.com/submit?url={0}\u0026title={1}","redditFormCode":"EX0061","useLocationReplace":false,"getUrlFormCode":"EX0050","enableGetShareLinkFromServerForGetUrl":true,"isUnderside":false}; if(sj_evt) { sj_evt.fire("GlobalActionMenuV2Wrapper.InitSharingGlobalConfig", sharingGlobalConfig); } })();; equals www.twitter.com (Twitter)

Source: global traffic	DNS traffic detected: DNS query: ms-1drive.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: onedrive.live.com
Source: global traffic	DNS traffic detected: DNS query: assets.onestore.ms
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: global traffic	DNS traffic detected: DNS query: c.s-microsoft.com
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: signup.live.com
Source: global traffic	DNS traffic detected: DNS query: fpt.live.com
Source: global traffic	DNS traffic detected: DNS query: services.bingapis.com
Source: global traffic	DNS traffic detected: DNS query: secure.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net

Source: chromecache_283.2.dr	String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_146.2.dr, chromecache_184.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_146.2.dr	String found in binary or memory: http://opensource.org/licenses/mit-license.php)
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: http://schema.org/Organization
Source: chromecache_146.2.dr	String found in binary or memory: http://www.json.org/json2.js
Source: chromecache_146.2.dr, chromecache_184.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.0/css/mwf-west-european-default.min.c
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Source: chromecache_319.2.dr	String found in binary or memory: https://ceto.westus2.binguxlivesite.net/
Source: chromecache_216.2.dr	String found in binary or memory: https://fpt.live.com/
Source: chromecache_184.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_259.2.dr	String found in binary or memory: https://highlightjs.org/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Source: chromecache_149.2.dr	String found in binary or memory: https://login.chinacloudapi.cn
Source: chromecache_190.2.dr	String found in binary or memory: https://login.live.com/login.srf
Source: chromecache_319.2.dr	String found in binary or memory: https://login.live.com/login.srf?wa=wsignin1.0
Source: chromecache_149.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_149.2.dr	String found in binary or memory: https://login.microsoftonline.de
Source: chromecache_149.2.dr	String found in binary or memory: https://login.microsoftonline.us
Source: chromecache_149.2.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_190.2.dr	String found in binary or memory: https://onedrive.live.com/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://onedrive.live.com/about/en-us/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://outlook.live.com/owa/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://products.office.com/en-us/home
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://products.office.com/en-us/microsoft-teams/free?icid=SSM_AS_Promo_Apps_MicrosoftTeams
Source: chromecache_319.2.dr	String found in binary or memory: https://secure.adnxs.com/px?id=1776578&t=2
Source: chromecache_190.2.dr	String found in binary or memory: https://signup.live.com/signup
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css?c=7
Source: chromecache_319.2.dr	String found in binary or memory: https://storage.live.com/users/0x
Source: chromecache_190.2.dr	String found in binary or memory: https://temp.sh/MvTQc/atch_Medical_Report_Scan05202024.exe
Source: chromecache_213.2.dr	String found in binary or memory: https://www.clarity.ms/tag/uet/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://www.onenote.com/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://www.skype.com/en/
Source: chromecache_201.2.dr	String found in binary or memory: https://www.suno.ai/legal/privacy
Source: chromecache_201.2.dr	String found in binary or memory: https://www.suno.ai/legal/terms
Source: chromecache_335.2.dr	String found in binary or memory: https://www.suno.ai/privacy)
Source: chromecache_335.2.dr	String found in binary or memory: https://www.suno.ai/terms)
Source: chromecache_204.2.dr	String found in binary or memory: https://www.xbox.com/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49716 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@30/342@42/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6524 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6460 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6524 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6460 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.246.67	part-0039.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
91.92.253.214	ms-1drive.com	Bulgaria	34368	THEZONEBG	true
185.89.211.116	unknown	Germany	29990	ASN-APPNEXUS	false
13.107.139.11	dual-spov-0006.spov-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
185.89.210.122	ib.anycast.adnxs.com	Germany	29990	ASN-APPNEXUS	false
216.58.206.68	www.google.com	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
192.229.221.185	cs1227.wpc.alphacdn.net	United States	15133	EDGECASTUS	false
152.199.21.175	sni1gl.wpc.alphacdn.net	United States	15133	EDGECASTUS	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false

Private

IP
192.168.2.6
192.168.2.5

Contacted Domains

Name	IP	Active
dual-spov-0006.spov-msedge.net	13.107.139.11	true
part-0039.t-0009.t-msedge.net	13.107.246.67	true
part-0017.t-0009.t-msedge.net	13.107.213.45	true
cs1100.wpc.omegacdn.net	152.199.23.37	true
sni1gl.wpc.alphacdn.net	152.199.21.175	true
ms-1drive.com	91.92.253.214	true
www.google.com	216.58.206.68	true
cs1227.wpc.alphacdn.net	192.229.221.185	true
ib.anycast.adnxs.com	185.89.210.122	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
signup.live.com	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
logincdn.msftauth.net	unknown	unknown
assets.onestore.ms	unknown	unknown
secure.adnxs.com	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown
c.s-microsoft.com	unknown	unknown
onedrive.live.com	unknown	unknown
services.bingapis.com	unknown	unknown
login.microsoftonline.com	unknown	unknown
fpt.live.com	unknown	unknown
acctcdn.msftauth.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://acctcdn.msftauth.net/oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1	false	Avira URL Cloud: safe	unknown
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1776578%26t%3D2	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/lwsignupstringscountrybirthdate_en-us_gdxUIqa3ijrOefuBnwhTKg2.js?v=1	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg	false	Avira URL Cloud: safe	unknown
https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU	true		unknown
https://logincdn.msftauth.net/shared/5/images/signin_options_4e48046ce74f4b89d450.svg	false	Avira URL Cloud: safe	unknown
about:blank	false	Avira URL Cloud: safe	unknown
https://onedrive.live.com/	false	Avira URL Cloud: safe	unknown
https://logincdn.msftauth.net/16.000.30238.3/images/favicon.ico	false	Avira URL Cloud: safe	unknown
https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	true		unknown
https://ms-1drive.com/img/pdf.png	false	Avira URL Cloud: safe	unknown
https://logincdn.msftauth.net/shared/5/images/2_bc3d32a696895f78c19d.svg	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/images/favicon.ico?v=2	false	URL Reputation: safe	unknown
https://acctcdn.msftauth.net/jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js?v=1	false	Avira URL Cloud: safe	unknown
https://logincdn.msftauth.net/shared/5/js/login_en_31OakWsQhbXgK7L_U0YNNw2.js	false	Avira URL Cloud: safe	unknown
https://secure.adnxs.com/px?id=1776578&t=2	false	Avira URL Cloud: safe	unknown
https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	true		unknown
https://ms-1drive.com/css/onedrive.css	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg	false	Avira URL Cloud: safe	unknown
https://logincdn.msftauth.net/shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg	false	Avira URL Cloud: safe	unknown
https://logincdn.msftauth.net/shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js	false	Avira URL Cloud: safe	unknown
https://acctcdn.msftauth.net/converged_ux_v2_nBE5FSqn9KpH44ZlTc3VqQ2.css?v=1	false	URL Reputation: safe	unknown
https://acctcdn.msftauth.net/lightweightsignuppackage_xUzYzJceL8JC5cjTFIHHBQ2.js?v=1	false	Avira URL Cloud: safe	unknown
https://ms-1drive.com/favicon.ico	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 143	PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced	9F14C20150A003D7CE4DE57C298F0FBA	DAA53CF17CC45878A1B153F3C3BF47DC9669D78F	112FEC798B78AA02E102A724B5CB1990C0F909BC1D8B7B1FA256EAB41BBC0960
Chrome Cache Entry: 144	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	413656D7B02A189B01A10323A1820101	3CD27C361360729AAB2EEA7948AC47787CA7CE5C	C55D64F52F840EAB7BBE2E46EEFD1D362B6EDBC2839B9A43CEAA23EE00864CE8
Chrome Cache Entry: 145	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 146	ASCII text, with very long lines (4786), with CRLF, LF line terminators	5F50584B68D931B8BB85F523F15BAA14	FAF4BD348F40016BCE0ABF54F167C7923B303ABB	3C829DCF48768082A6177B77AE4E499337ED4C8BD056705CDB1E979F7B6EFCE5
Chrome Cache Entry: 147	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	0CB9064D95E743D3B817D18EB682652B	7C14828B737B94843255F5640022C5A4B4F1E478	CB02BB9A41135A72EF197BEA78F1C6BFCBB9AFB7E42EBA4FDA6D17EC1FDF9796
Chrome Cache Entry: 148	ASCII text, with very long lines (502), with no line terminators	A4FF9BE9619EE6148AEC1E62333BABF9	7AE2095C92227E2DD1B745DF21A64939E1F8FC34	F6E15630E7B92BBA973D2C07016A75382D870FFDA4BD23A813C665AAA210A045
Chrome Cache Entry: 149	ASCII text, with very long lines (19008)	8192D891E754AFD81A399F98BC6B265F	965E6C69F45118FEAB86EEEBBB0FC4964F2B3A98	E2E4D97C20D4478E8E947480C8F6C71A2C795776D405366BE70DB82E4EA4BA77
Chrome Cache Entry: 150	ASCII text, with no line terminators	A5363C37B617D36DFD6D25BFB89CA56B	31682AFCE628850B8CB31FAA8E9C4C5EC9EBB957	8B4D85985E62C264C03C88B31E68DBABDCC9BD42F40032A43800902261FF373F
Chrome Cache Entry: 151	ASCII text, with very long lines (65536), with no line terminators	7FE83E801274A3F7558AF60CF844E1BA	2B3B5F8A2E63B7FB59A8E7C7F535D3B619A0FFCC	0BD4E3AFF07FA67E913DDCAB8CF93980A472626A9C6043DA546253700F344D52
Chrome Cache Entry: 152	ASCII text, with very long lines (832), with no line terminators	11A6B835D01443CDD74435BD8B06F216	9F03B0182A06B300D9717B2D1B3849DC2709D866	72AF8531AE087A2FED5221D50E56538134B92390E73FF2628BCF80319392DD39
Chrome Cache Entry: 153	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 154	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 155	ASCII text, with very long lines (38710), with no line terminators	A5CD0E7967E63784F3C7DF62208F8A5B	6D5F7455A4EAF1E46A40B770D70E7B67F4288D5E	B81BE2CBE94D80726155334B7F5E64ECF24F57A9F6D41F2E0E451B8C1126E71F
Chrome Cache Entry: 156	ASCII text, with very long lines (21865), with no line terminators	E002821AE5998EA31304F350833782E5	D006C98DDD4F555BED97492CDB6EDF1513339520	0F67FB42577CA3D7BD672F016F0B1141842D5D29DD55E8D1B4CE84B9669E87A8
Chrome Cache Entry: 157	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 158	ASCII text, with very long lines (391), with no line terminators	55EC2297C0CF262C5FA9332F97C1B77A	92640E3D0A7CBE5D47BC8F0F7CC9362E82489D23	342C3DD52A8A456F53093671D8D91F7AF5B3299D72D60EDB28E4F506368C6467
Chrome Cache Entry: 159	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	58756A15CA84C4BEF1001888468DF4B2	3862D1196EBE713C37705FFFF163CE916F182D3D	35FF4BDB472B7DDF52DF911D5BBB12CBF70CBA30A782383F1C7CE39B8E24ADBE
Chrome Cache Entry: 160	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	9CD33374398095A4F24475C397E4C0CB	4FCD56D346D06E00DEFE2DDE24C386FDDE967808	F835CA1C2E5C3845562A832E8AB1C0719617FBC2E64834EC30F329E562237BF5
Chrome Cache Entry: 161	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 162	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 163	ASCII text, with very long lines (513), with no line terminators	602C381194795DFC124FACDF48492EF1	90D594B7B5AF217824F2974514548C95FECFBFA5	BF450798FB52E2458A1E10749577E5334F3E1D7907A47FDFEA5430CB71FA19E6
Chrome Cache Entry: 164	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	49BFBB57A9E30B52D47D93903FBCEDAA	40EEAF0F914B1A2E66950EA8907D427B242814AA	DC489FBFF98BDA7BCE75B23160BC74942EC7C4725EFC65B985425A944C8631D5
Chrome Cache Entry: 165	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	4C3C78E819D1E5BACD7D85C75AC1CA72	6FEA985B5D21BF7875A42A4C786902DD23B7028E	AA1F66A25781D54DA4A7CD647C4D4FA885E113B1A72D07F0931418DADE408B19
Chrome Cache Entry: 166	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	1B5DCF3221D979DA27459566C9315582	9FFAD205F759B2CB9296C435A0C2EFE0A51A115F	AD7034605639390B4EAB3D02BE10D5DC7E99501DFE91C29A99D4499196AC971F
Chrome Cache Entry: 167	ASCII text, with very long lines (560), with no line terminators	9B28631B7C46706DBB7EEF2D16D9549B	2A463D97AF924D3B10C250181D0D902562494184	F8FA36AB6505DA51BEF5521EF84793391BE9C16DE5ABD6BB99C20FE4D1FB48CF
Chrome Cache Entry: 168	ASCII text, with very long lines (5039), with no line terminators	73D1ED8F5202386810B1D677CC9CA4A9	5E3AA4D7922383439C6209D4B766BB3431B94BA4	356A46F974BFEE0299884A61D599042D897D56E4D61D8850E535B33F72D859EE
Chrome Cache Entry: 169	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	B96C3BE15D5776400312CD89883B15A4	98E420B53C395B8BE9E2CC17AAA77CCF7E55CFA1	EF8F328845F2894F5EA10F2B5B3E947E54FFDE34BB328704BE7DDF2D6A387AB8
Chrome Cache Entry: 170	ASCII text, with very long lines (1949), with no line terminators	718C9D9C2D2A498DE3C6953B6347A22F	B2F1A5400618972690D509E970CC3ABEB72513F4	66133F155E3A433E9EECA08DFC3B4E225D358E1A89AB0665379EFF319F9F0081
Chrome Cache Entry: 171	ASCII text, with CRLF line terminators	C08527EB70AD111BC9AF89D51660932C	2C1D4B4C3ABC97B831F2FA5811303778D082CA63	9474F63E800EEE3E5B81D1A7C872BCC4D4D212CFD6B2DB6FCCFDBFA2A8ACFB3C
Chrome Cache Entry: 172	ASCII text, with very long lines (489), with no line terminators	1B2A435A789C13A2BD15B9DAF7CC240A	944CA601141C1C4062E7EBC4190FCAA265A35AAD	5FEED0CB9E52210875B953D1B2A624BD538FCC502666741106890D6326B31718
Chrome Cache Entry: 173	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	9EFDA6D44D25EDAC67BAB1BAF1991576	E84314831F7C57C467B5F5A3CB485F1E1033E89A	98ECDAFD857975933B6AC3F8327AC913A6521A04FD1D378D386C17089A7DC46D
Chrome Cache Entry: 174	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	123179677A01EF8ED893EEBC872A6BFF	C10A80F6BD292FB7936FC5642F5374305CD2BFAB	C680D7A133B89DF99402273F66EF39CD335D8ADAB3BF790BD611E35876ED9B8A
Chrome Cache Entry: 175	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	53FC0BF385DE80EC605CAFBA2FBE0C7E	9769BBC82D6773C35013D851F5625299456F8A24	0E5930BF10DC6080AD2B1B9E9B121600A0CDF6D5B4558061C7A167205474B3EC
Chrome Cache Entry: 176	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	777739CC2D184E5E31BBFF2B738BE1C0	115FE2281F6B7F81237B44A69B8FBA045E9FFFEF	DAB9BBB0C88B23AF25F8FB3F086DF57FA739B8CDC715CFC57EA4C7B953E5FB90
Chrome Cache Entry: 177	HTML document, ASCII text, with very long lines (955), with CRLF line terminators	85DE642E1467807F64F7E10807DF3869	C795B490811C0E5A1A8F3C3F620AAB9F00C34F07	5965B2C5472AACA1CD66EA5B0D07A971B961FEE72FC27EB1F6C760042084B21B
Chrome Cache Entry: 178	ASCII text, with very long lines (37756), with no line terminators	423885818D67BFCF00E21BE13F6F3A71	A79144758AF1204BB161FCD79E74C1F692AFB7A5	5BB552BEB00AF20A3A39660DECABBA8520CF53FF43594D1CD923F9217081D169
Chrome Cache Entry: 179	ASCII text, with very long lines (65470)	DF539A916B1085B5E02BB2FF53460D37	8C9BABFE1C752F644C44F3FEEE33B4E6F56133D3	9C10EBE86CBDC73C7C7F9C9751C43DF9B238C82A3DCD1E495AE7169C38B67EEC
Chrome Cache Entry: 180	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	A5ED0743760FB1ED84BE65BBE655E09D	68CE2BE540A3DC52FD5E5795810AA2DCB8E9BD85	87547088EBFBE90DE71A7005BEFCB49DE9744C09CD2546A4864F92E090300837
Chrome Cache Entry: 181	ASCII text, with very long lines (7561), with no line terminators	FBF143B664D512D1FA7AEEEBA787129C	F827B539AE2992D7667162DC619CC967985166D9	E162CCD10A34933D736008EB0BC6B880C4E783CF81F944BCA7311BF5F3CD4AFF
Chrome Cache Entry: 182	HTML document, ASCII text, with very long lines (955), with CRLF line terminators	85DE642E1467807F64F7E10807DF3869	C795B490811C0E5A1A8F3C3F620AAB9F00C34F07	5965B2C5472AACA1CD66EA5B0D07A971B961FEE72FC27EB1F6C760042084B21B
Chrome Cache Entry: 183	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	9027BAAB2045A7969510E3D45D81B2AB	0F8A60AA87EFEE5EBC52B1F03CC29016C1F01FCF	8C2CCD6F99697D389CDA4DD628D7214ACFB3A87E9124469369067BBBE190B60B
Chrome Cache Entry: 184	ASCII text, with very long lines (45741)	458DE95432EF8D4FCA28BB532B18C314	2A35163C1225E25DF8427B5D877CFE43299BE502	3332D913029F564F91B3EE85ABB4FA444D8DB0F97B346804088FA4B9DA643F66
Chrome Cache Entry: 185	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	EB045E15848896E6AB9067CD98C2593A	5F275B43A14590BE4D9CE080F402E2B8B31DFE24	2E95CBE5BB7C33C2F9F38EA9940B298AE44BD15093C5C52602304EF104BC35B5
Chrome Cache Entry: 186	ASCII text, with very long lines (489), with no line terminators	1B2A435A789C13A2BD15B9DAF7CC240A	944CA601141C1C4062E7EBC4190FCAA265A35AAD	5FEED0CB9E52210875B953D1B2A624BD538FCC502666741106890D6326B31718
Chrome Cache Entry: 187	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	BB8B1888B6FD4043DADC3A45F90B29B8	E463885C1F89E3E6840F92E5B34DA1A5AB8076AF	E98B3981FC1AA79D27FC4DEC30502EBBC04F2A0B143F1876226F5831DA721E06
Chrome Cache Entry: 188	ASCII text, with no line terminators	9085E17B6172D9FC7B7373762C3D6E74	DAB3CA26EC7A8426F034113AFA2123EDFAA32A76	586D8F94486A8116AF00C80A255CBA96C5D994C5864E47DEAC5A7F1AE1E24B0D
Chrome Cache Entry: 189	Unicode text, UTF-8 text, with very long lines (1587), with no line terminators	CB027BA6EB6DD3F033C02183B9423995	368E7121931587D29D988E1B8CB0FDA785E5D18B	04A007926A68BB33E36202EB27F53882AF7FD009C1EC3AD7177FBA380A5FB96F
Chrome Cache Entry: 190	HTML document, ASCII text, with CRLF line terminators	99BFBF420623D470611FE79AB9A4FD06	F045BAD402849E4E686346DA65FBE79E0B8EC7EF	7828284C8597304719B4660E5D8169D6BFD3C59EEE131AB4A18EEDB953A044A6
Chrome Cache Entry: 191	ASCII text, with very long lines (14289), with no line terminators	43983CEDFD43232C41CB4DDD2D5024FA	3962366AA5651807E3AF1B3EFA0B4308C83AF8EF	23667FFE840332FF061995CF43D4C2DF5FB8BCB6641FF76A59B30E482ED5658B
Chrome Cache Entry: 192	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	EAD70E0C20304EABE9B94A9075BD1A1C	AF26D71CA92A80460887093E5FA57EAFF276B409	5D24258F6CD92D9BD1C726309E95B9E943065920B2BB230F3031D39912EB09D6
Chrome Cache Entry: 193	ASCII text, with very long lines (3363), with no line terminators	FABB77C7AE3FD2271F5909155FB490E5	CDE0B1304B558B6DE7503D559C92014644736F88	E482BF4BAAA167335F326B9B4F4B83E806CC21FB428B988A4932C806D918771C
Chrome Cache Entry: 194	ASCII text, with very long lines (3224), with no line terminators	77DA6D30B44637698FD9AD0B70E644FD	3AA4A2FE6FC77D2E0527376EEB70A81B75090488	0977EF68C1C4DD7F6759E2C9D200EB67490CD578A3013065A1AA43C893658CAE
Chrome Cache Entry: 195	ASCII text, with very long lines (888), with no line terminators	F1CF1909716CE3DA53172898BB780024	D8D34904E511B1C9AAE1565BA10CCD045C940333	9ABAC0CBFA6F89106B66CD4F698EAD5CCBF615ECF8CD7E9E88567A7C33CFEC01
Chrome Cache Entry: 196	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 197	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	CE402D7CB0C1D00E1BC529E9C751C292	F3C787EEE342C67C2A70DC9EF18D526C5D01FC74	48E78F7158031988FE7FB0E1DFC0D2F4BE3162E3AE67EACF5CAAEE0F96C37E4D
Chrome Cache Entry: 198	Unicode text, UTF-8 text, with very long lines (65531), with no line terminators	5D60B9D3EC4EBCD3B466E93CAEC37D19	CDF201249B13E8108CC66A6A30C995562F01CAEA	6178485917F6E365E7BC2E9BFBF4F942F9CD8103E05960480F3C92B49CE28F54
Chrome Cache Entry: 199	ASCII text, with very long lines (924), with no line terminators	47442E8D5838BAAA640A856F98E40DC6	54C60CAD77926723975B92D09FE79D7BEFF58D99	15ED1579BCCF1571A7D8B888226E9FE455ACA5628684419D1A18F7CDA68AF89E
Chrome Cache Entry: 200	PNG image data, 64 x 64, 8-bit colormap, non-interlaced	A2427317501D1B69D453B45C27055F93	66B89C0FB5C38765D68CDEBCAA0514F25AAA02B4	6DE3C5D37793237D5CB92DF07025E0C1A984B4877D5C344319E34431E5D72FB6
Chrome Cache Entry: 201	HTML document, ASCII text, with very long lines (18876), with CRLF, LF line terminators	85228108F0EEED037242EFC3603C196D	8DFE84758429E76E3AA93EC4D15ADD2D0E763C8F	A8DE98E9274CB5B9A6901DC259B2F01EB0C8B49D3FEFEA6FDB7EA09468AFA7E3
Chrome Cache Entry: 202	HTML document, Unicode text, UTF-8 text, with very long lines (46886)	317C1BC851D0924CA2DF59A4EA8C7A3F	45830E951728A2A706F2A9A73BCED2F42CA265D6	77F7507F9B2A3BFB916C184565772A41E4BADAC64F55BEDE93275DFFA3C46096
Chrome Cache Entry: 203	Unicode text, UTF-8 text, with very long lines (46429), with no line terminators	72BCA04FD669EB89FC65D59052D0FC00	27E60AEF86F0CB1B2F6B6ED9DF9A4E3BA88EFD21	823804A7807864B44093A3843788F4CD076E89CF4A6FDEB8D153AE5C2C2DF721
Chrome Cache Entry: 204	HTML document, ASCII text, with very long lines (955), with CRLF line terminators	85DE642E1467807F64F7E10807DF3869	C795B490811C0E5A1A8F3C3F620AAB9F00C34F07	5965B2C5472AACA1CD66EA5B0D07A971B961FEE72FC27EB1F6C760042084B21B
Chrome Cache Entry: 205	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	21A84EFEA68D384E84639AB207EAB851	47C12B482EE42BFDE8E1E44CFA93F626545E5641	2BF5CBD81BF9DE7227AAB97668868CEF4AF499156C80E68BF5528F7682E9516F
Chrome Cache Entry: 206	ASCII text, with no line terminators	9085E17B6172D9FC7B7373762C3D6E74	DAB3CA26EC7A8426F034113AFA2123EDFAA32A76	586D8F94486A8116AF00C80A255CBA96C5D994C5864E47DEAC5A7F1AE1E24B0D
Chrome Cache Entry: 207	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 208	HTML document, ASCII text, with very long lines (2618), with CRLF line terminators	ACB2A2E01963B9061769D28699A4761A	44127E5A75FA97C982BFFC637C8D749FEEE22BC5	CCFC6B6D057190C62F3CEBBBEB8E14B92767EC09C67A15FC8E422A96FE1E17AC
Chrome Cache Entry: 209	ASCII text, with no line terminators	D7B1A8F127298855AFF0611800B9D326	02E463626252EF8E169183CC5B04DDEDD995239F	F6D3695568A8B593A69B86C68260E12D40C84A94F2D01C498FC2087FA5AC511B
Chrome Cache Entry: 210	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 211	ASCII text, with very long lines (1970), with no line terminators	8898A2F705976D9BE01F35A493F9A98F	BC69BEC33A98575D55FEFAE8883C8BB636061007	5F30270AA2DC8A094D790E1E4A62B17C7D76A20B449D9B69AF797A55FADA9108
Chrome Cache Entry: 212	SVG Scalable Vector Graphics image	14009B498940F9D4D1C49DA3031CC003	BC4DBAEBF13DD1CCEE51CF85B39E50A2AF612017	6455F219BB686CEAB29AAAA6515D3293C94189A6DAA2E1C5D89F0B81DB454981
Chrome Cache Entry: 213	ASCII text, with CRLF line terminators	2662A9428651A5C8259234AD20AB6780	CB8B3BC2BA537EE7F02ECB255BBF18B051FCD5D3	90833AC70C39AD6F25FC631AB9E0EA49DA23D5D20CF3C59BEF22F27539ADA30F
Chrome Cache Entry: 214	MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel	A5ED0743760FB1ED84BE65BBE655E09D	68CE2BE540A3DC52FD5E5795810AA2DCB8E9BD85	87547088EBFBE90DE71A7005BEFCB49DE9744C09CD2546A4864F92E090300837
Chrome Cache Entry: 215	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 216	HTML document, Unicode text, UTF-8 text, with very long lines (23179), with CRLF line terminators	0A51621C0EF5527AD107E8B42B6510AB	797AE8E856747FD573311B254FB724D2AB58953B	A71121F607035574A43ACD1E8A47E58BD264A0A68EC1A356F1C6837972822F5A
Chrome Cache Entry: 217	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	23DA207B19E4B6A16F37AAD2C5044540	4EA4B430269E1D745535DE086A3BC8E99EA2D1CC	52A390752EDE1278907143F93B8B93F5DBB4053C66BB0808305779742FF1E8E0
Chrome Cache Entry: 218	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 219	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	565F376DEF3C5CD1F75260FE608FF242	468E88393B13764E5805F05904BA8011B30F66ED	322211892EA5E6D6B399A5A9ECBF8E13A4C1D9A49CB834FA82DF62431BBDE5E0
Chrome Cache Entry: 220	HTML document, Unicode text, UTF-8 text, with very long lines (28966)	81DC5422A6B78A3ACE79FB819F08532A	69A71EE4E5F0D42E9C063E2779C94723E1A9B0F1	776221B564851DAD676D3DA0D257B589D03CF0DE38E18379DA0BE3B83FF16DBD
Chrome Cache Entry: 221	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	49BFBB57A9E30B52D47D93903FBCEDAA	40EEAF0F914B1A2E66950EA8907D427B242814AA	DC489FBFF98BDA7BCE75B23160BC74942EC7C4725EFC65B985425A944C8631D5
Chrome Cache Entry: 222	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	604ADFB53677B5CA4F910FFB131B3E7C	5F1A0FB4E4AD3707E591CE16352158263488ED70	24638331466A52BB66F912090E7A9CC9E3DF2236E39C187C9409104526B472B0
Chrome Cache Entry: 223	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	9ADD506BF3164E0417F1CA727A6E1EC5	A5D575B670C0826AA3F80FBF2C2FD020949B4B40	B6A21823A6E0F7691E5439EEA030D93B717D4446D547242E03D499D7D98A8CC0
Chrome Cache Entry: 224	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	57D70F1321256C9EBC2B809955EC0D61	9F8561124D64608B20E319E9DA7BB0E67FB0EACF	A224430D0B2F9BF714102CA10828B5DBD1FEA8E3CDBBED94C6D331A9DAB2D13D
Chrome Cache Entry: 225	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 226	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	53FC0BF385DE80EC605CAFBA2FBE0C7E	9769BBC82D6773C35013D851F5625299456F8A24	0E5930BF10DC6080AD2B1B9E9B121600A0CDF6D5B4558061C7A167205474B3EC
Chrome Cache Entry: 227	ASCII text, with very long lines (544), with no line terminators	2AC240E28F5C156E62CF65486FC9CA2A	1F143A24D7BC4A1A3D9F91F49F2E1BA2B1C3D487	4325982915D0A661F3F0C30C05EB11A94CB56736D448FDC0313143818741FAA3
Chrome Cache Entry: 228	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 229	ASCII text, with very long lines (65436)	D390AA6A6D257834D807D8E7DDC90968	6A6EFD105DBBEB099D25998A38875808D83AF5C8	D755D7CE744425DEE51A3BD8CBA9B2A789D96C584C9958082B557FEB70F226D9
Chrome Cache Entry: 230	ASCII text, with very long lines (38710), with no line terminators	A5CD0E7967E63784F3C7DF62208F8A5B	6D5F7455A4EAF1E46A40B770D70E7B67F4288D5E	B81BE2CBE94D80726155334B7F5E64ECF24F57A9F6D41F2E0E451B8C1126E71F
Chrome Cache Entry: 231	ASCII text, with very long lines (511), with no line terminators	D6741608BA48E400A406ACA7F3464765	8961CA85AD82BB701436FFC64642833CFBAFF303	B1DB1D8C0E5316D2C8A14E778B7220AC75ADAE5333A6D58BA7FD07F4E6EAA83C
Chrome Cache Entry: 232	ASCII text, with very long lines (65188)	13B147A683AF38608F9C22EE9D66A832	F9291CD3A214674A186F4BE85CDC655A6B3A31FA	F0B2216568BB538A00EE14C13AD49EA15B1653044A219A698889610EDCF9BF05
Chrome Cache Entry: 233	HTML document, ASCII text, with very long lines (955), with CRLF line terminators	85DE642E1467807F64F7E10807DF3869	C795B490811C0E5A1A8F3C3F620AAB9F00C34F07	5965B2C5472AACA1CD66EA5B0D07A971B961FEE72FC27EB1F6C760042084B21B
Chrome Cache Entry: 234	ASCII text, with very long lines (1961), with no line terminators	6932CD1A76E6959AD4D0F330D6536BB4	E2E7160642FE28BD731A1287CFBDA07A3B5171B7	041EB2E6F2582F4C19C0820ACF9A0E9A2C7262EDEDE0D397A5F6F0215E83F666
Chrome Cache Entry: 235	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	565F376DEF3C5CD1F75260FE608FF242	468E88393B13764E5805F05904BA8011B30F66ED	322211892EA5E6D6B399A5A9ECBF8E13A4C1D9A49CB834FA82DF62431BBDE5E0
Chrome Cache Entry: 236	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	23DA207B19E4B6A16F37AAD2C5044540	4EA4B430269E1D745535DE086A3BC8E99EA2D1CC	52A390752EDE1278907143F93B8B93F5DBB4053C66BB0808305779742FF1E8E0
Chrome Cache Entry: 237	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	527EB83CF881894BD4253263E25E1E87	3D593A86EA2AFB90670936CCD379B054D55D7654	09FB2CA8A0BF123F6ED9280053E0B19837CD7C538B587D85969B3C6806141B8D
Chrome Cache Entry: 238	ASCII text, with very long lines (61169)	9C1139152AA7F4AA47E386654DCDD5A9	5FFC6A9E66220C6F829A8BD93EBA584079852992	2518655800698C89AE0BBC34B3B362C13E558BCB3EA4BD6C2CF4BBCF9E87B927
Chrome Cache Entry: 239	ASCII text, with very long lines (3010), with no line terminators	12AE5624BF6DE63E7F1A62704A827D3F	C35379FC87D455AB5F8AEED403F422A24BBAD194	1FB3B58965BEBC71F24AF200D4B7BC53E576D00ACF519FB67FE3F3ABDEA0A543
Chrome Cache Entry: 240	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	BAF481590B381BDFDBBD12F79CA50F4F	E3883385767D87452EC70E99C023D68DFB42BCA2	C91FF7C0C3BBA3A9BF579CC239E1DB030EC72E74204E6582F13852306BFAE5E8
Chrome Cache Entry: 241	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	123179677A01EF8ED893EEBC872A6BFF	C10A80F6BD292FB7936FC5642F5374305CD2BFAB	C680D7A133B89DF99402273F66EF39CD335D8ADAB3BF790BD611E35876ED9B8A
Chrome Cache Entry: 242	ASCII text, with no line terminators	686C3532529C74528EDF9183D2827C4A	04059635E4466617443385F9EFE9D88775141567	8FC8AAB7C91DB3E8D897C9A009C1CDD5B4855AE5523A208DBF937DE4109CB312
Chrome Cache Entry: 243	ASCII text, with very long lines (891), with no line terminators	02B0B245D09DC56BBE4F1A9F1425AC35	868259C7DC5175A9CC1E2EC835F3D9B4BD3F5673	62991181637343332D7B105A605AB69D70D1256092355CFC4359BEE7BDBFB9C6
Chrome Cache Entry: 244	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	58756A15CA84C4BEF1001888468DF4B2	3862D1196EBE713C37705FFFF163CE916F182D3D	35FF4BDB472B7DDF52DF911D5BBB12CBF70CBA30A782383F1C7CE39B8E24ADBE
Chrome Cache Entry: 245	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	9ADD506BF3164E0417F1CA727A6E1EC5	A5D575B670C0826AA3F80FBF2C2FD020949B4B40	B6A21823A6E0F7691E5439EEA030D93B717D4446D547242E03D499D7D98A8CC0
Chrome Cache Entry: 246	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	85D0F1CD17BF776CAD27ECDCFF25E32A	89C5541BFE01BD24ACB784B7CF502CDC58A3CDBF	E94A2953F3FF2E8CC2FFE8F01D037311EC0798A316066C2107F2EF510018E581
Chrome Cache Entry: 247	ASCII text, with no line terminators	2166C09EA15BA88E843D4E84DF2C48A3	CBFF10FF66823D5EF13309A7913C600EEAEBA187	02F6E697A3AAB3BE32F5FB28488862BF9ED344B4D60CCDF85CD1E244FF285C62
Chrome Cache Entry: 248	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 249	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 250	JSON data	11AD76564B08EB1CB82F42A1BCDF8553	E78A98B8ADA49030127695E1FDB0A28340741279	744F3613F76A68B30CA187EB998AA046D3600471EE15DECD5C20A8FBF2F62777
Chrome Cache Entry: 251	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	DF293CD88AEF21E1C575E10F9BEA2AA3	7AF2B1060AE292DC9F7A9458336BA763DEB2DB89	066DA4F8CC9A8ECEBBDBB1660633119F52E421A033590F3D41373525727D0DFA
Chrome Cache Entry: 252	ASCII text, with very long lines (1961), with no line terminators	6932CD1A76E6959AD4D0F330D6536BB4	E2E7160642FE28BD731A1287CFBDA07A3B5171B7	041EB2E6F2582F4C19C0820ACF9A0E9A2C7262EDEDE0D397A5F6F0215E83F666
Chrome Cache Entry: 253	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	675EB1837DA1CB1DA4D2F53000E3A93E	139C9BD4683914490CDCF604B55EA6F0BBBF5C11	539AE0AAB3644D377261C105D63A4976332F0357314FCDA6121CD2BCF0804DB1
Chrome Cache Entry: 254	JSON data	11AD76564B08EB1CB82F42A1BCDF8553	E78A98B8ADA49030127695E1FDB0A28340741279	744F3613F76A68B30CA187EB998AA046D3600471EE15DECD5C20A8FBF2F62777
Chrome Cache Entry: 255	ASCII text, with very long lines (1949), with no line terminators	718C9D9C2D2A498DE3C6953B6347A22F	B2F1A5400618972690D509E970CC3ABEB72513F4	66133F155E3A433E9EECA08DFC3B4E225D358E1A89AB0665379EFF319F9F0081
Chrome Cache Entry: 256	ASCII text, with very long lines (888), with no line terminators	F1CF1909716CE3DA53172898BB780024	D8D34904E511B1C9AAE1565BA10CCD045C940333	9ABAC0CBFA6F89106B66CD4F698EAD5CCBF615ECF8CD7E9E88567A7C33CFEC01
Chrome Cache Entry: 257	ASCII text, with no line terminators	39A19D0882684989864FA50BCED6A2D1	5CED55DAC2E0427E9DC605CEC1FEDAB0949EB15E	8FBEDED073249C3611742297EE96A976A95EE113F33B9A422A5D3A7A2DEB63E5
Chrome Cache Entry: 258	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	4C3C78E819D1E5BACD7D85C75AC1CA72	6FEA985B5D21BF7875A42A4C786902DD23B7028E	AA1F66A25781D54DA4A7CD647C4D4FA885E113B1A72D07F0931418DADE408B19
Chrome Cache Entry: 259	ASCII text, with very long lines (65468)	C410CBB119414358BA5FA6D7DBF3EAC7	FE126016078D1605E1B73960C5FD377558D5C1E4	4B817B15AC87B1FFCE83ADD694925493BD028E8D89DC3C748B2C619BA6DBB13A
Chrome Cache Entry: 260	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	7A834267F3DAF2B63F2BFC7EFD379C78	CEE75DE263B4C9595F39C5CD6028A9979CD9C7C5	4D506C15178637FE10595A16145FBCCEA8227FB3464C79428A0A85BFB90B6CDE
Chrome Cache Entry: 261	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	A39096874E06F896BA414D93D391854E	34562F99E7E1C544B58C736F783E40936DD4F25A	B66DFC5798EEAE0EF51BA97D241E1C1AA703E9A60A5080AC57FD6A65D92BEC8E
Chrome Cache Entry: 262	ASCII text, with very long lines (7561), with no line terminators	FBF143B664D512D1FA7AEEEBA787129C	F827B539AE2992D7667162DC619CC967985166D9	E162CCD10A34933D736008EB0BC6B880C4E783CF81F944BCA7311BF5F3CD4AFF
Chrome Cache Entry: 263	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	4A4988C4D415B5C76E2A8FF4D99E4313	CA01AB88AB8631554176AE231B87AC9834027709	3BC34AC3DBDE3974672AF1451507272732752DF925C60A2C0244ECE786945D26
Chrome Cache Entry: 264	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	57D70F1321256C9EBC2B809955EC0D61	9F8561124D64608B20E319E9DA7BB0E67FB0EACF	A224430D0B2F9BF714102CA10828B5DBD1FEA8E3CDBBED94C6D331A9DAB2D13D
Chrome Cache Entry: 265	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	EB045E15848896E6AB9067CD98C2593A	5F275B43A14590BE4D9CE080F402E2B8B31DFE24	2E95CBE5BB7C33C2F9F38EA9940B298AE44BD15093C5C52602304EF104BC35B5
Chrome Cache Entry: 266	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	9CD33374398095A4F24475C397E4C0CB	4FCD56D346D06E00DEFE2DDE24C386FDDE967808	F835CA1C2E5C3845562A832E8AB1C0719617FBC2E64834EC30F329E562237BF5
Chrome Cache Entry: 267	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	B96C3BE15D5776400312CD89883B15A4	98E420B53C395B8BE9E2CC17AAA77CCF7E55CFA1	EF8F328845F2894F5EA10F2B5B3E947E54FFDE34BB328704BE7DDF2D6A387AB8
Chrome Cache Entry: 268	ASCII text, with very long lines (5564), with no line terminators	72A034CA33C75D118741FC3B3A584571	288CD516A9E5C1EC865690AB1A6246A1B41720A4	16F49634DAB9D1C1732F465D25321229FB06BD7161FCEEC77DC62CA9D8FC1B11
Chrome Cache Entry: 269	exported SGML document, ASCII text, with very long lines (5726), with no line terminators	9C9598C47CD50FBE1566B58D9A80E043	0FF031B496EE0A0C4ECB0A4AEDEEEB61504E058C	942B23D8915B564B227EBA715F5715386463B121401DC4108726C1B9F7537C3D
Chrome Cache Entry: 270	PNG image data, 216 x 46, 8-bit/color RGBA, non-interlaced	9F14C20150A003D7CE4DE57C298F0FBA	DAA53CF17CC45878A1B153F3C3BF47DC9669D78F	112FEC798B78AA02E102A724B5CB1990C0F909BC1D8B7B1FA256EAB41BBC0960
Chrome Cache Entry: 271	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	777739CC2D184E5E31BBFF2B738BE1C0	115FE2281F6B7F81237B44A69B8FBA045E9FFFEF	DAB9BBB0C88B23AF25F8FB3F086DF57FA739B8CDC715CFC57EA4C7B953E5FB90
Chrome Cache Entry: 272	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 273	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	527EB83CF881894BD4253263E25E1E87	3D593A86EA2AFB90670936CCD379B054D55D7654	09FB2CA8A0BF123F6ED9280053E0B19837CD7C538B587D85969B3C6806141B8D
Chrome Cache Entry: 274	ASCII text, with very long lines (576), with no line terminators	F5712E664873FDE8EE9044F693CD2DB7	2A30817F3B99E3BE735F4F85BB66DD5EDF6A89F4	1562669AD323019CDA49A6CF3BDDECE1672282E7275F9D963031B30EA845FFB2
Chrome Cache Entry: 275	ASCII text, with very long lines (54969), with CRLF, LF line terminators	302E6041FA5B4D48CBBBAD2C402C14D7	66273C7A4D569C1C5E566D9BF15AF4BAE6BEEB83	6202C1621C9126A5089E97E5C1F092C6EBD2271875015564CC73957FD5E8B758
Chrome Cache Entry: 276	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	257E6D6F5D36A97FAC1112278B9D8AE9	22B1817FAC72F51B0C8BE3280F4BA37865D550AC	8D3B9EBA6FBC9CD47BB71942AEABBF6D916D68925DF2E9A21B6243B3A0D6F981
Chrome Cache Entry: 277	ASCII text, with no line terminators	A5363C37B617D36DFD6D25BFB89CA56B	31682AFCE628850B8CB31FAA8E9C4C5EC9EBB957	8B4D85985E62C264C03C88B31E68DBABDCC9BD42F40032A43800902261FF373F
Chrome Cache Entry: 278	JSON data	9E576E34B18E986347909C29AE6A82C6	532C767978DC2B55854B3CA2D2DF5B4DB221C934	88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D
Chrome Cache Entry: 279	ASCII text, with no line terminators	FFDF36EA8BC44BB187C17DE113EE5C5F	315CCB39356B97B40797BB2AF89A7397B66D7EFE	B0613ED71834B726DC1241F28B12071A64B0CC19D99B33D834F1C06062BFE280
Chrome Cache Entry: 280	PNG image data, 64 x 64, 8-bit colormap, non-interlaced	A2427317501D1B69D453B45C27055F93	66B89C0FB5C38765D68CDEBCAA0514F25AAA02B4	6DE3C5D37793237D5CB92DF07025E0C1A984B4877D5C344319E34431E5D72FB6
Chrome Cache Entry: 281	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	675EB1837DA1CB1DA4D2F53000E3A93E	139C9BD4683914490CDCF604B55EA6F0BBBF5C11	539AE0AAB3644D377261C105D63A4976332F0357314FCDA6121CD2BCF0804DB1
Chrome Cache Entry: 282	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	7A834267F3DAF2B63F2BFC7EFD379C78	CEE75DE263B4C9595F39C5CD6028A9979CD9C7C5	4D506C15178637FE10595A16145FBCCEA8227FB3464C79428A0A85BFB90B6CDE
Chrome Cache Entry: 283	ASCII text, with very long lines (41651)	30B7C335C62E5269E2D35B8E8B9F44B4	C6D92B1516EB8F6D44AAF171FB24A1B2AADD0C4C	10733A5D876108F81C5F78EEE5C9760A739D89C52FA6180C4290B7F909F24346
Chrome Cache Entry: 284	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	6B73C606328C77746DA7E3E33371397B	CD8F9FBC3AAD88ABF4BBDCBBA6EC5C7B9273E2DF	767DA0CD231FCCA16D68520427B2259D74CE78A7642E7F5EA79492E8E127BD96
Chrome Cache Entry: 285	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	4A4988C4D415B5C76E2A8FF4D99E4313	CA01AB88AB8631554176AE231B87AC9834027709	3BC34AC3DBDE3974672AF1451507272732752DF925C60A2C0244ECE786945D26
Chrome Cache Entry: 286	ASCII text, with very long lines (746)	87EFFB0BB533C1D79F5C94FD9E30C14D	4E4F5F3CDDDDBFDDB46A1626D7CE579A639DE389	617E32CA57507098771FD30AF6B9DCAB063448F6D7E0BC6D6557DD1895F80543
Chrome Cache Entry: 287	ASCII text, with very long lines (5131), with no line terminators	FC132DBDD7333FB01FE1787319C4D097	780F822661C7260FCC91775562CA6C68D0CF41FB	8FEB7737FE473FE912DC464AB478A84885F0108CDE4BF4933027A563AEC35516
Chrome Cache Entry: 288	ASCII text, with very long lines (511), with no line terminators	D6741608BA48E400A406ACA7F3464765	8961CA85AD82BB701436FFC64642833CFBAFF303	B1DB1D8C0E5316D2C8A14E778B7220AC75ADAE5333A6D58BA7FD07F4E6EAA83C
Chrome Cache Entry: 289	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	D764B0D60B1FA83FEC36FA9F6B5EB5F8	9E31B90E0E7B8C87920F289E11114BB2E71766C9	855B2439E9F797CA247D1DE6965F908ADA4D904ED5678005A56673E8CE2BF6BC
Chrome Cache Entry: 290	ASCII text, with very long lines (65536), with no line terminators	7FE83E801274A3F7558AF60CF844E1BA	2B3B5F8A2E63B7FB59A8E7C7F535D3B619A0FFCC	0BD4E3AFF07FA67E913DDCAB8CF93980A472626A9C6043DA546253700F344D52
Chrome Cache Entry: 291	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	9027BAAB2045A7969510E3D45D81B2AB	0F8A60AA87EFEE5EBC52B1F03CC29016C1F01FCF	8C2CCD6F99697D389CDA4DD628D7214ACFB3A87E9124469369067BBBE190B60B
Chrome Cache Entry: 292	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	791846A91AAE1AA5FE050806B1B9BD67	2469FB46FEF82C62DB4E19CFA452F24F39737938	920FB185011933A05E51CAE48FA2C14453C2D155EAE1CD0AE166EC0575E56D11
Chrome Cache Entry: 293	ASCII text, with very long lines (405), with no line terminators	6C62AF0CE92E17845CECFFEE0CCA84AA	2E4C2BBB7646BFF0E786704876167866346F52BC	DE794A040708B4DD4510F3348CB44C9B7A8EE232B693B4BB7E4545C86A313603
Chrome Cache Entry: 294	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	A39096874E06F896BA414D93D391854E	34562F99E7E1C544B58C736F783E40936DD4F25A	B66DFC5798EEAE0EF51BA97D241E1C1AA703E9A60A5080AC57FD6A65D92BEC8E
Chrome Cache Entry: 295	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	413656D7B02A189B01A10323A1820101	3CD27C361360729AAB2EEA7948AC47787CA7CE5C	C55D64F52F840EAB7BBE2E46EEFD1D362B6EDBC2839B9A43CEAA23EE00864CE8
Chrome Cache Entry: 296	PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced	85D0F1CD17BF776CAD27ECDCFF25E32A	89C5541BFE01BD24ACB784B7CF502CDC58A3CDBF	E94A2953F3FF2E8CC2FFE8F01D037311EC0798A316066C2107F2EF510018E581
Chrome Cache Entry: 297	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	257E6D6F5D36A97FAC1112278B9D8AE9	22B1817FAC72F51B0C8BE3280F4BA37865D550AC	8D3B9EBA6FBC9CD47BB71942AEABBF6D916D68925DF2E9A21B6243B3A0D6F981
Chrome Cache Entry: 298	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	BB8B1888B6FD4043DADC3A45F90B29B8	E463885C1F89E3E6840F92E5B34DA1A5AB8076AF	E98B3981FC1AA79D27FC4DEC30502EBBC04F2A0B143F1876226F5831DA721E06
Chrome Cache Entry: 299	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	9EFDA6D44D25EDAC67BAB1BAF1991576	E84314831F7C57C467B5F5A3CB485F1E1033E89A	98ECDAFD857975933B6AC3F8327AC913A6521A04FD1D378D386C17089A7DC46D
Chrome Cache Entry: 300	ASCII text, with very long lines (924), with no line terminators	47442E8D5838BAAA640A856F98E40DC6	54C60CAD77926723975B92D09FE79D7BEFF58D99	15ED1579BCCF1571A7D8B888226E9FE455ACA5628684419D1A18F7CDA68AF89E
Chrome Cache Entry: 301	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 302	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 303	MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel	604ADFB53677B5CA4F910FFB131B3E7C	5F1A0FB4E4AD3707E591CE16352158263488ED70	24638331466A52BB66F912090E7A9CC9E3DF2236E39C187C9409104526B472B0
Chrome Cache Entry: 304	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	EAD70E0C20304EABE9B94A9075BD1A1C	AF26D71CA92A80460887093E5FA57EAFF276B409	5D24258F6CD92D9BD1C726309E95B9E943065920B2BB230F3031D39912EB09D6
Chrome Cache Entry: 305	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 306	HTML document, Unicode text, UTF-8 text, with very long lines (46886)	508878986E06C683B2D501AB477E5A87	3101FFAE6DBF01579CAA7A2C776DD2AC0DDB7466	CAB3F6262EBC48D4C3488D9DAB716FE7928AFA2B6569D5945BEEB9A6B27CE7EA
Chrome Cache Entry: 307	ASCII text, with very long lines (891), with no line terminators	02B0B245D09DC56BBE4F1A9F1425AC35	868259C7DC5175A9CC1E2EC835F3D9B4BD3F5673	62991181637343332D7B105A605AB69D70D1256092355CFC4359BEE7BDBFB9C6
Chrome Cache Entry: 308	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	0CB9064D95E743D3B817D18EB682652B	7C14828B737B94843255F5640022C5A4B4F1E478	CB02BB9A41135A72EF197BEA78F1C6BFCBB9AFB7E42EBA4FDA6D17EC1FDF9796
Chrome Cache Entry: 309	Unicode text, UTF-8 text, with very long lines (57524), with no line terminators	069C51EB8F280AA85C91718F882CBCFD	BCBA155E3AF21DC023A504C3806A8D4E056E43E5	0015DF44084C99EFC7AFD3352BCFEB25286A5490B2933366852E844A12130FB1
Chrome Cache Entry: 310	ASCII text, with very long lines (544), with no line terminators	2AC240E28F5C156E62CF65486FC9CA2A	1F143A24D7BC4A1A3D9F91F49F2E1BA2B1C3D487	4325982915D0A661F3F0C30C05EB11A94CB56736D448FDC0313143818741FAA3
Chrome Cache Entry: 311	ASCII text, with very long lines (1772), with no line terminators	B7BFA4B5BD91261544EC3AF325FC959F	50934BE0FC74BF286D969657EB6135855B4EBF29	4726966E38D630052FF80DB65DF3AF7256A28C577397DCBAB577827E5652F52B
Chrome Cache Entry: 312	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	D764B0D60B1FA83FEC36FA9F6B5EB5F8	9E31B90E0E7B8C87920F289E11114BB2E71766C9	855B2439E9F797CA247D1DE6965F908ADA4D904ED5678005A56673E8CE2BF6BC
Chrome Cache Entry: 313	ASCII text, with very long lines (560), with no line terminators	9B28631B7C46706DBB7EEF2D16D9549B	2A463D97AF924D3B10C250181D0D902562494184	F8FA36AB6505DA51BEF5521EF84793391BE9C16DE5ABD6BB99C20FE4D1FB48CF
Chrome Cache Entry: 314	ASCII text, with very long lines (32089)	397754BA49E9E0CF4E7C190DA78DDA05	AE49E56999D82802727455F0BA83B63ACD90A22B	C12F6098E641AACA96C60215800F18F5671039AECF812217FAB3C0D152F6ADB4
Chrome Cache Entry: 315	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	F817B534B0F6BDB7F097851870B85142	B445F442E4C972D7964AC515F04C20E5403718E5	C4AB2F1EF6CCE24EB48B54ECA2B51CD5A2F0C0752FA6289176156F16EE9367A2
Chrome Cache Entry: 316	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	F817B534B0F6BDB7F097851870B85142	B445F442E4C972D7964AC515F04C20E5403718E5	C4AB2F1EF6CCE24EB48B54ECA2B51CD5A2F0C0752FA6289176156F16EE9367A2
Chrome Cache Entry: 317	Unicode text, UTF-8 text, with very long lines (65532), with no line terminators	12DD1E4D0485A80184B36D158018DE81	EB2594062E90E3DCD5127679F9C369D3BF39D61C	A04B5B8B345E79987621008E6CC9BEF2B684663F9A820A0C7460E727A2A4DDC3
Chrome Cache Entry: 318	ASCII text, with no line terminators	6BB67F495601048D153FBC0E1B5D05CE	23A3E77DB69B11287E84568C2E94192A1EBE4E2C	5B053E9B260D50775B96A767F054A10724CF5EC33A2A5AD06842AB96B439A108
Chrome Cache Entry: 319	HTML document, ASCII text, with very long lines (52465), with CRLF, LF line terminators	F83196AA2823F51D28B129FAEAF1D469	DADE9B42BB217CEB1663D044697F5F6863FB9489	3F72D99D835DEE45377C04E233026634877306C9E9BB9CAF42E00F93EB692ABD
Chrome Cache Entry: 320	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	1C48FD109B39DFF5886E1CBA818AB97F	1ABC416FC4DF9B3B4E9C1E7947E976167F2B46ED	82B86533D3AA0CFECBE6DB915C5700F7E38D59D7B403810BBBB4BA455223C4B1
Chrome Cache Entry: 321	ASCII text, with very long lines (576), with no line terminators	F5712E664873FDE8EE9044F693CD2DB7	2A30817F3B99E3BE735F4F85BB66DD5EDF6A89F4	1562669AD323019CDA49A6CF3BDDECE1672282E7275F9D963031B30EA845FFB2
Chrome Cache Entry: 322	Web Open Font Format, TrueType, length 26288, version 0.0	D0263DC03BE4C393A90BDA733C57D6DB	8A032B6DEAB53A33234C735133B48518F8643B92	22B4DF5C33045B645CAFA45B04685F4752E471A2E933BFF5BF14324D87DEEE12
Chrome Cache Entry: 323	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	1C48FD109B39DFF5886E1CBA818AB97F	1ABC416FC4DF9B3B4E9C1E7947E976167F2B46ED	82B86533D3AA0CFECBE6DB915C5700F7E38D59D7B403810BBBB4BA455223C4B1
Chrome Cache Entry: 324	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	791846A91AAE1AA5FE050806B1B9BD67	2469FB46FEF82C62DB4E19CFA452F24F39737938	920FB185011933A05E51CAE48FA2C14453C2D155EAE1CD0AE166EC0575E56D11
Chrome Cache Entry: 325	SVG Scalable Vector Graphics image	BC3D32A696895F78C19DF6C717586A5D	9191CB156A30A3ED79C44C0A16C95159E8FF689D	0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
Chrome Cache Entry: 326	ASCII text, with very long lines (3010), with no line terminators	12AE5624BF6DE63E7F1A62704A827D3F	C35379FC87D455AB5F8AEED403F422A24BBAD194	1FB3B58965BEBC71F24AF200D4B7BC53E576D00ACF519FB67FE3F3ABDEA0A543
Chrome Cache Entry: 327	ASCII text, with very long lines (21819)	30280C218D3CAAF6B04EC8C6F906E190	653D368EFDD498CAF65677E1D54F03DD18B026B5	D313C6FFF97701CC24DB9D84C8B0643CA7A82A01C0868517E6E543779985C46E
Chrome Cache Entry: 328	ASCII text, with very long lines (622)	865BB4B537E358915660DB75599AD5AA	D9B87009F598335E5FFB7385EE6921031491E6C5	6475D6174947ECC39AC5182A69BD78193A13AF57B3A53C1D2C34836E85F4D0BD
Chrome Cache Entry: 329	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 330	ASCII text, with very long lines (502), with no line terminators	A4FF9BE9619EE6148AEC1E62333BABF9	7AE2095C92227E2DD1B745DF21A64939E1F8FC34	F6E15630E7B92BBA973D2C07016A75382D870FFDA4BD23A813C665AAA210A045
Chrome Cache Entry: 331	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	6B73C606328C77746DA7E3E33371397B	CD8F9FBC3AAD88ABF4BBDCBBA6EC5C7B9273E2DF	767DA0CD231FCCA16D68520427B2259D74CE78A7642E7F5EA79492E8E127BD96
Chrome Cache Entry: 332	exported SGML document, ASCII text, with very long lines (5726), with no line terminators	9C9598C47CD50FBE1566B58D9A80E043	0FF031B496EE0A0C4ECB0A4AEDEEEB61504E058C	942B23D8915B564B227EBA715F5715386463B121401DC4108726C1B9F7537C3D
Chrome Cache Entry: 333	ASCII text, with CRLF line terminators	F470915635E37ADB368FD46BF0AC19F5	2614A9762A17D65749DDC5DE5FB87C23072BB713	C0ED539C90F2349E364A7F13A93F9BF09C3CE6514ACE9109C1F42B5A4A7630CF
Chrome Cache Entry: 334	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	1B5DCF3221D979DA27459566C9315582	9FFAD205F759B2CB9296C435A0C2EFE0A51A115F	AD7034605639390B4EAB3D02BE10D5DC7E99501DFE91C29A99D4499196AC971F
Chrome Cache Entry: 335	ASCII text, with very long lines (509), with CRLF line terminators	D0695FA83C56A56C1E5B34C507A83C78	C44FAEAA9D24C1B27BCE4109C5CCDE75083532B5	85E295570C3D8BB0C2D1E16BC40A5CD7DF7154F0FD90FD23CC0CE03C6F0A4290
Chrome Cache Entry: 336	PNG image data, 1030 x 92, 8-bit colormap, non-interlaced	3722F42B4F456CEB0A1555A413EB2D83	07A8C61DBCBB857B840BB7A74BCC62352530A97C	EC8D527D0173AC87E5FED6CF300BC9E8AFCFFB55BA137EBCFC2DF83E1633D8F5
Chrome Cache Entry: 337	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	21A84EFEA68D384E84639AB207EAB851	47C12B482EE42BFDE8E1E44CFA93F626545E5641	2BF5CBD81BF9DE7227AAB97668868CEF4AF499156C80E68BF5528F7682E9516F
Chrome Cache Entry: 338	ASCII text, with very long lines (5564), with no line terminators	72A034CA33C75D118741FC3B3A584571	288CD516A9E5C1EC865690AB1A6246A1B41720A4	16F49634DAB9D1C1732F465D25321229FB06BD7161FCEEC77DC62CA9D8FC1B11
Chrome Cache Entry: 339	ASCII text, with very long lines (308), with no line terminators	E849F94CD30EC77987643A0D405E33E4	D911609DA72CCFA9CFC3DBEFC5DF00185C9A42BF	B39968F3AB3C3867EFC7115C77D0239B0A2C505AE87766231BF46E32F7797C43
Chrome Cache Entry: 340	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	CE402D7CB0C1D00E1BC529E9C751C292	F3C787EEE342C67C2A70DC9EF18D526C5D01FC74	48E78F7158031988FE7FB0E1DFC0D2F4BE3162E3AE67EACF5CAAEE0F96C37E4D
Chrome Cache Entry: 341	ASCII text, with very long lines (1274), with no line terminators	A969230A51DBA5AB5ADF5877BCC28CFA	7C4CDC6B86CA3B8A51BA585594EA1AB7B78B8265	8E572950CBDA0558F7B9563CE4F5017E06BC9C262CF487E33927A948F8D78F7F
Chrome Cache Entry: 342	ASCII text, with very long lines (1593)	C54CD8CC971E2FC242E5C8D31481C705	38745AE4DB64652E42BA04C6C0D64013D26C4C31	5354C3CBEDDCB80CB6B61C563B7D12DD211E1FCB840302E4D6DD811DB1CB238F
Chrome Cache Entry: 343	ASCII text, with very long lines (5131), with no line terminators	FC132DBDD7333FB01FE1787319C4D097	780F822661C7260FCC91775562CA6C68D0CF41FB	8FEB7737FE473FE912DC464AB478A84885F0108CDE4BF4933027A563AEC35516
Chrome Cache Entry: 344	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	BAF481590B381BDFDBBD12F79CA50F4F	E3883385767D87452EC70E99C023D68DFB42BCA2	C91FF7C0C3BBA3A9BF579CC239E1DB030EC72E74204E6582F13852306BFAE5E8
Chrome Cache Entry: 345	Unicode text, UTF-8 text, with very long lines (64241)	AFB5C64B13342F6E568093548D0A2A9F	95FC121CCCFDBA12443CF87A9C823486065A14AB	238DB52476BF8107E2E851CD3299B071ED5944B570C1603A1EA758A4FADF5F29
Chrome Cache Entry: 346	ASCII text, with very long lines (15159), with no line terminators	A22E2C0FDFF98CA43B8F6BBCE34380AF	38CE56C65AA665F1EB7DDDB33A36222B1D9FFEFC	B7C5823DCEA11098A0FEDA4D2710C10997880C91185D42E6B6A1A9803CCA92D5
Chrome Cache Entry: 347	JPEG image data, JFIF standard 1.01, resolution (DPI), density 108x108, segment length 16, baseline, precision 8, 224x260, components 3	DF293CD88AEF21E1C575E10F9BEA2AA3	7AF2B1060AE292DC9F7A9458336BA763DEB2DB89	066DA4F8CC9A8ECEBBDBB1660633119F52E421A033590F3D41373525727D0DFA
Chrome Cache Entry: 348	SVG Scalable Vector Graphics image	EE5C8D9FB6248C938FD0DC19370E90BD	D01A22720918B781338B5BBF9202B241A5F99EE4	04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
Chrome Cache Entry: 349	PNG image data, 1030 x 92, 8-bit colormap, non-interlaced	3722F42B4F456CEB0A1555A413EB2D83	07A8C61DBCBB857B840BB7A74BCC62352530A97C	EC8D527D0173AC87E5FED6CF300BC9E8AFCFFB55BA137EBCFC2DF83E1633D8F5
Chrome Cache Entry: 350	HTML document, ASCII text, with very long lines (2083)	9454AE433838D58AC38BF13BDFD3EB31	D5B1358CD4E83F48539D5F035D2095949C298455	9BADDC6D93D1478B01C6C1B0B24AB5A4AD02DB45D94F075A5BB788961D37F59C
Chrome Cache Entry: 351	SVG Scalable Vector Graphics image	14009B498940F9D4D1C49DA3031CC003	BC4DBAEBF13DD1CCEE51CF85B39E50A2AF612017	6455F219BB686CEAB29AAAA6515D3293C94189A6DAA2E1C5D89F0B81DB454981
Chrome Cache Entry: 352	HTML document, ASCII text, with very long lines (18876), with CRLF, LF line terminators	21C4C7509F62960C92A89D3AA635EC65	FA8202EFAF79CB7085523650F9032857691A7151	C6F6762D2B60E0D24F5F2CBAD3B1196A0557A4FD4852019A258A03C80E19BCBC

AV Detection

Antivirus / Scanner detection for submitted sample

Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	Avira URL Cloud: detection malicious, Label: phishing
Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social usering

Phishing

AI detected phishing page

Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda

Phishing site detected (based on favicon image match)

Source: https://ms-1drive.com	Matcher: Template: onedrive matched with high similarity
Source: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda	Matcher: Template: onedrive matched with high similarity

AI detected suspicious javascript

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	LLM: Score: 7 Reasons: The code attempts to break out of an iframe by replacing the top-level window's location with the current location. This behavior is often associated with phishing attempts to prevent detection and ensure the malicious content is displayed in the full browser window. Additionally, the use of 'document.write' to inject HTML can be risky as it may lead to cross-site scripting (XSS) vulnerabilities. DOM: 3.4.pages.csv
Source: https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU	LLM: Score: 7 Reasons: The code contains suspicious elements such as hardcoded URLs that appear to be related to phishing attempts, the use of obfuscated or encoded strings, and the collection of potentially sensitive information about plugins and fonts. These characteristics are often associated with malicious activities. DOM: 4.5.pages.csv
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	LLM: Score: 7 Reasons: The provided JavaScript code contains long random hexadecimal strings which are typically used for cryptographic purposes. However, the presence of such strings without context or explanation can be suspicious. The variables 'Key', 'randomNum', and 'SKI' might be used for encryption or obfuscation, which is a common technique in malicious scripts to hide their true purpose. Without further context or additional code, it is difficult to determine the exact intent, but the use of such obfuscation techniques raises a moderate to high risk of potential malicious activity. DOM: 3.4.pages.csv
Source: https://fpt2.microsoft.com/Clear.HTML?ctx=Ls1.0&wl=False&session_id=368a97c0ecf841f8bdc9940f325083c6&id=202f4ae7-3b8e-4b75-4b18-6e1e9641e2f2&w=8DC7B7BA93AC1DA&tkt=taBcrIH61PuCVH7eNCyH0K%252fD9DJ44Cptuv0RyrXgXCvIo0u9ttCEbLuRCYXcmaPsbemRxwam7Kqh9GtF9dO	LLM: Score: 7 Reasons: The code interacts with localStorage and sends potentially sensitive information (session_id, CustomerId, authKey) to external URLs. This behavior is typical of tracking but can also be used for malicious purposes such as session hijacking or data exfiltration. The use of obfuscated strings and the lack of clear documentation or context further increase the risk. DOM: 5.6.pages.csv

Found iframes

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6

HTTP Parser: Iframe src: https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU

HTML body contains low number of good links

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.live.com/login.srf	HTTP Parser: Title: Sign in to your Microsoft account does not match URL
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: Title: Create account does not match URL
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: Title: Redirecting does not match URL

Submit button contains javascript call

Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: On click: OnBack(); return false;
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: On click: HOSTUI.evt_inlineBack_onclick();

Source: https://fpt.live.com/?session_id=368a97c0ecf841f8bdc9940f325083c6&CustomerId=33e01921-4d64-4f8c-a055-5bdaffd5e33d&PageId=SU	HTTP Parser: No favicon
Source: about:blank	HTTP Parser: No favicon
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: No favicon
Source: https://www.bing.com/secure/Passport.aspx?popup=1&ssl=1	HTTP Parser: No favicon

Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="author".. found
Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="author".. found
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: No <meta name="author".. found

Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="copyright".. found
Source: https://login.live.com/login.srf	HTTP Parser: No <meta name="copyright".. found
Source: https://signup.live.com/signup?lic=1&uaid=368a97c0ecf841f8bdc9940f325083c6	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/common/oauth2/authorize?client_id=9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7&response_type=id_token+code&nonce=c5d9c3ef-2680-4d1c-8acd-fc7480429940&redirect_uri=https%3a%2f%2fcopilot.microsoft.com%2forgid%2fidtoken%2fconditional&scope=openid%20email%20profile%209ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7/.default&response_mode=form_post&instance_aware=true&msafed=0&prompt=none&state=%7b%22ig%22%3a%22C6FC439E01C9419EBF3A0CEEDF92AB54%22%7d	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49716 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic

TCP traffic: 192.168.2.6:49730 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: onedrive.live.com to https://www.microsoft.com/microsoft-365/onedrive/online-cloud-storage

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.64
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /v/794850bf-f104-442e-acb0-475634834dda HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/onedrive.css HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834ddaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/pdf.png HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834ddaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ms-1drive.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834ddaAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/pdf.png HTTP/1.1Host: ms-1drive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ms-1drive.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: onedrive.live.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/js/login_en_31OakWsQhbXgK7L_U0YNNw2.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/chunks/oneds-analytics-js_54b1724af1b05e2ba3db_en.js HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/microsoft_logo_ee5c8d9fb6248c938fd0.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/2_bc3d32a696895f78c19d.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /16.000.30238.3/images/favicon.ico HTTP/1.1Host: logincdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/5/images/signin_options_4e48046ce74f4b89d450.svg HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /16.000.30238.3/images/favicon.ico HTTP/1.1Host: logincdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /converged_ux_v2_nBE5FSqn9KpH44ZlTc3VqQ2.css?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jqueryshim_hlu0tTfjWJFWYNt1WZrVqg2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /knockout_3.3.0_X1BYS2jZMbi7hfUj8VuqFA2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lwsignupstringscountrybirthdate_en-us_gdxUIqa3ijrOefuBnwhTKg2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lightweightsignuppackage_xUzYzJceL8JC5cjTFIHHBQ2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/microsoft_logo_7lyNn7YkjJOP0NwZNw6QvQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /oneds_MC5gQfpbTUjLu60sQCwU1w2.js?v=1 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /datarequestpackage_h-_7C7UzwdefXJT9njDBTQ2.js HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://signup.live.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://signup.live.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/favicon.ico?v=2 HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /images/2_vD0yppaJX3jBnfbHF1hqXQ2.svg HTTP/1.1Host: acctcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /px?id=1776578&t=2 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fpx%3Fid%3D1776578%26t%3D2 HTTP/1.1Host: secure.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=5WjnP_WkGZ_O4OjIHi9hXGUqFsqMtYENMVtLZ_4nxmgLX3ApHNCCauxPjFC8eTlriS6kxrza28F8dUlLyz8oh4q66GfJOdWJA_skstrYSno.; receive-cookie-deprecation=1; uuid2=8390600150162661499
Source: global traffic	HTTP traffic detected: GET /bounce?%2Fpx%3Fid%3D1776578%26t%3D2 HTTP/1.1Host: secure.adnxs.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=8390600150162661499; anj=dTM7k!M4/8CxrEQF']wIg2E>9v:j>B!]tbP6j2F-XstGt!@E(1%'?oW
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_306.2.dr	String found in binary or memory: (function() { var sharingGlobalConfig ={"thumbnailUrlFormat":"https://www.bing.com/th?id={0}","defaultFormCode":"EX0023","facebookShareFormat":"https://www.facebook.com/dialog/feed?app_id={3}\u0026display=popup\u0026link={0}\u0026redirect_uri={1}\u0026ref={2}","facebookMessengerUrlFormat":"http://www.facebook.com/dialog/send?app_id={0}\u0026display=popup\u0026link={1}\u0026redirect_uri={2}","facebookFormCode":"EX0023","fbInitialHeight":576,"fbmInitialWidth":640,"facebookAppId":"3732605936979161","twitterApi":"https://twitter.com/intent/tweet?hashtags={0}\u0026text={1}\u0026url={2}","twitterFormCode":"EX0024","twitterInitialHeight":576,"twitterInitialWidth":720,"defaultInitialHeight":255,"whatsAppSchema":"whatsapp://send?text={0}","whatsAppStoreUrl":"","whatsAppFormCode":"EX0053","mailLauncherUrl":"mailto:?subject={0} \u0026body={1}","mailFormCode":"EX0025","smsProtocol":"","smsFormCode":"EX0052","loadingUrl":"/loading","useBlankLoadingPage":false,"closeRedirectUrl":"/share/fbre","pinterestUrlFormat":"https://pinterest.com/pin/create/button/?url={0}\u0026media={1}\u0026description={2}","pinterestFormCode":"EX0051","mybingFormCode":"shtomb","mybingRedirectUrl":"https://www.bing.com/myprofile?tid=id_chatmessagetab\u0026FORM=shtomb","skypeUrlFormat":"https://web.skype.com/share?url={0}\u0026source=button\u0026text={1}","skypeInitialHeight":665,"skypeInitialWidth":305,"outlookComLauncherUrl":"https://outlook.live.com/owa/?subject={0}\u0026body={1}\u0026path=/mail/action/compose","gmailLauncherUrl":"https://mail.google.com/mail/?view=cm\u0026fs=1\u0026tf=1\u0026su={0}\u0026body={1}","linkedInUrlFormat":"https://www.linkedin.com/shareArticle?mini=true\u0026url={0}\u0026title={1}\u0026summary={2}","linkedInFormCode":"EX0062","oneNoteUrlFormat":"https://www.onenote.com/clipper/save?attributionUrl={0}\u0026sourceUrl={1}\u0026imgUrl={1}\u0026title={2}\u0026description={3}","oneNoteInitialHeight":565,"oneNoteInitialWidth":550,"oneNoteFormCode":"EX0060","checkAppInstall":"","checkAppTimeout":200,"weiboShareFormat":"https://service.weibo.com/share/share.php?title={0}\u0026placeholder=Bing\u0026url={1}\u0026pic={2}","weiboFormCode":"SHDLWE","qzoneShareFormat":"https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?title={0}\u0026summary={1}\u0026url={2}\u0026pics={3}","qzoneFormCode":"SHDLQZ","isCNEnglishSearch":false,"redditShareFormat":"https://www.reddit.com/submit?url={0}\u0026title={1}","redditFormCode":"EX0061","useLocationReplace":false,"getUrlFormCode":"EX0050","enableGetShareLinkFromServerForGetUrl":true,"isUnderside":false}; if(sj_evt) { sj_evt.fire("GlobalActionMenuV2Wrapper.InitSharingGlobalConfig", sharingGlobalConfig); } })();; equals www.facebook.com (Facebook)
Source: chromecache_202.2.dr, chromecache_306.2.dr	String found in binary or memory: (function() { var sharingGlobalConfig ={"thumbnailUrlFormat":"https://www.bing.com/th?id={0}","defaultFormCode":"EX0023","facebookShareFormat":"https://www.facebook.com/dialog/feed?app_id={3}\u0026display=popup\u0026link={0}\u0026redirect_uri={1}\u0026ref={2}","facebookMessengerUrlFormat":"http://www.facebook.com/dialog/send?app_id={0}\u0026display=popup\u0026link={1}\u0026redirect_uri={2}","facebookFormCode":"EX0023","fbInitialHeight":576,"fbmInitialWidth":640,"facebookAppId":"3732605936979161","twitterApi":"https://twitter.com/intent/tweet?hashtags={0}\u0026text={1}\u0026url={2}","twitterFormCode":"EX0024","twitterInitialHeight":576,"twitterInitialWidth":720,"defaultInitialHeight":255,"whatsAppSchema":"whatsapp://send?text={0}","whatsAppStoreUrl":"","whatsAppFormCode":"EX0053","mailLauncherUrl":"mailto:?subject={0} \u0026body={1}","mailFormCode":"EX0025","smsProtocol":"","smsFormCode":"EX0052","loadingUrl":"/loading","useBlankLoadingPage":false,"closeRedirectUrl":"/share/fbre","pinterestUrlFormat":"https://pinterest.com/pin/create/button/?url={0}\u0026media={1}\u0026description={2}","pinterestFormCode":"EX0051","mybingFormCode":"shtomb","mybingRedirectUrl":"https://www.bing.com/myprofile?tid=id_chatmessagetab\u0026FORM=shtomb","skypeUrlFormat":"https://web.skype.com/share?url={0}\u0026source=button\u0026text={1}","skypeInitialHeight":665,"skypeInitialWidth":305,"outlookComLauncherUrl":"https://outlook.live.com/owa/?subject={0}\u0026body={1}\u0026path=/mail/action/compose","gmailLauncherUrl":"https://mail.google.com/mail/?view=cm\u0026fs=1\u0026tf=1\u0026su={0}\u0026body={1}","linkedInUrlFormat":"https://www.linkedin.com/shareArticle?mini=true\u0026url={0}\u0026title={1}\u0026summary={2}","linkedInFormCode":"EX0062","oneNoteUrlFormat":"https://www.onenote.com/clipper/save?attributionUrl={0}\u0026sourceUrl={1}\u0026imgUrl={1}\u0026title={2}\u0026description={3}","oneNoteInitialHeight":565,"oneNoteInitialWidth":550,"oneNoteFormCode":"EX0060","checkAppInstall":"","checkAppTimeout":200,"weiboShareFormat":"https://service.weibo.com/share/share.php?title={0}\u0026placeholder=Bing\u0026url={1}\u0026pic={2}","weiboFormCode":"SHDLWE","qzoneShareFormat":"https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?title={0}\u0026summary={1}\u0026url={2}\u0026pics={3}","qzoneFormCode":"SHDLQZ","isCNEnglishSearch":false,"redditShareFormat":"https://www.reddit.com/submit?url={0}\u0026title={1}","redditFormCode":"EX0061","useLocationReplace":false,"getUrlFormCode":"EX0050","enableGetShareLinkFromServerForGetUrl":true,"isUnderside":false}; if(sj_evt) { sj_evt.fire("GlobalActionMenuV2Wrapper.InitSharingGlobalConfig", sharingGlobalConfig); } })();; equals www.linkedin.com (Linkedin)
Source: chromecache_202.2.dr, chromecache_306.2.dr	String found in binary or memory: (function() { var sharingGlobalConfig ={"thumbnailUrlFormat":"https://www.bing.com/th?id={0}","defaultFormCode":"EX0023","facebookShareFormat":"https://www.facebook.com/dialog/feed?app_id={3}\u0026display=popup\u0026link={0}\u0026redirect_uri={1}\u0026ref={2}","facebookMessengerUrlFormat":"http://www.facebook.com/dialog/send?app_id={0}\u0026display=popup\u0026link={1}\u0026redirect_uri={2}","facebookFormCode":"EX0023","fbInitialHeight":576,"fbmInitialWidth":640,"facebookAppId":"3732605936979161","twitterApi":"https://twitter.com/intent/tweet?hashtags={0}\u0026text={1}\u0026url={2}","twitterFormCode":"EX0024","twitterInitialHeight":576,"twitterInitialWidth":720,"defaultInitialHeight":255,"whatsAppSchema":"whatsapp://send?text={0}","whatsAppStoreUrl":"","whatsAppFormCode":"EX0053","mailLauncherUrl":"mailto:?subject={0} \u0026body={1}","mailFormCode":"EX0025","smsProtocol":"","smsFormCode":"EX0052","loadingUrl":"/loading","useBlankLoadingPage":false,"closeRedirectUrl":"/share/fbre","pinterestUrlFormat":"https://pinterest.com/pin/create/button/?url={0}\u0026media={1}\u0026description={2}","pinterestFormCode":"EX0051","mybingFormCode":"shtomb","mybingRedirectUrl":"https://www.bing.com/myprofile?tid=id_chatmessagetab\u0026FORM=shtomb","skypeUrlFormat":"https://web.skype.com/share?url={0}\u0026source=button\u0026text={1}","skypeInitialHeight":665,"skypeInitialWidth":305,"outlookComLauncherUrl":"https://outlook.live.com/owa/?subject={0}\u0026body={1}\u0026path=/mail/action/compose","gmailLauncherUrl":"https://mail.google.com/mail/?view=cm\u0026fs=1\u0026tf=1\u0026su={0}\u0026body={1}","linkedInUrlFormat":"https://www.linkedin.com/shareArticle?mini=true\u0026url={0}\u0026title={1}\u0026summary={2}","linkedInFormCode":"EX0062","oneNoteUrlFormat":"https://www.onenote.com/clipper/save?attributionUrl={0}\u0026sourceUrl={1}\u0026imgUrl={1}\u0026title={2}\u0026description={3}","oneNoteInitialHeight":565,"oneNoteInitialWidth":550,"oneNoteFormCode":"EX0060","checkAppInstall":"","checkAppTimeout":200,"weiboShareFormat":"https://service.weibo.com/share/share.php?title={0}\u0026placeholder=Bing\u0026url={1}\u0026pic={2}","weiboFormCode":"SHDLWE","qzoneShareFormat":"https://sns.qzone.qq.com/cgi-bin/qzshare/cgi_qzshare_onekey?title={0}\u0026summary={1}\u0026url={2}\u0026pics={3}","qzoneFormCode":"SHDLQZ","isCNEnglishSearch":false,"redditShareFormat":"https://www.reddit.com/submit?url={0}\u0026title={1}","redditFormCode":"EX0061","useLocationReplace":false,"getUrlFormCode":"EX0050","enableGetShareLinkFromServerForGetUrl":true,"isUnderside":false}; if(sj_evt) { sj_evt.fire("GlobalActionMenuV2Wrapper.InitSharingGlobalConfig", sharingGlobalConfig); } })();; equals www.twitter.com (Twitter)

Source: global traffic	DNS traffic detected: DNS query: ms-1drive.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: onedrive.live.com
Source: global traffic	DNS traffic detected: DNS query: assets.onestore.ms
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com
Source: global traffic	DNS traffic detected: DNS query: c.s-microsoft.com
Source: global traffic	DNS traffic detected: DNS query: logincdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: acctcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: signup.live.com
Source: global traffic	DNS traffic detected: DNS query: fpt.live.com
Source: global traffic	DNS traffic detected: DNS query: services.bingapis.com
Source: global traffic	DNS traffic detected: DNS query: secure.adnxs.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net

Source: chromecache_283.2.dr	String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_146.2.dr, chromecache_184.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_146.2.dr	String found in binary or memory: http://opensource.org/licenses/mit-license.php)
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: http://schema.org/Organization
Source: chromecache_146.2.dr	String found in binary or memory: http://www.json.org/json2.js
Source: chromecache_146.2.dr, chromecache_184.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.25.0/css/mwf-west-european-default.min.c
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://az725175.vo.msecnd.net/scripts/jsll-4.js
Source: chromecache_319.2.dr	String found in binary or memory: https://ceto.westus2.binguxlivesite.net/
Source: chromecache_216.2.dr	String found in binary or memory: https://fpt.live.com/
Source: chromecache_184.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_259.2.dr	String found in binary or memory: https://highlightjs.org/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Source: chromecache_149.2.dr	String found in binary or memory: https://login.chinacloudapi.cn
Source: chromecache_190.2.dr	String found in binary or memory: https://login.live.com/login.srf
Source: chromecache_319.2.dr	String found in binary or memory: https://login.live.com/login.srf?wa=wsignin1.0
Source: chromecache_149.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_149.2.dr	String found in binary or memory: https://login.microsoftonline.de
Source: chromecache_149.2.dr	String found in binary or memory: https://login.microsoftonline.us
Source: chromecache_149.2.dr	String found in binary or memory: https://login.windows-ppe.net
Source: chromecache_190.2.dr	String found in binary or memory: https://onedrive.live.com/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://onedrive.live.com/about/en-us/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://outlook.live.com/owa/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://products.office.com/en-us/home
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://products.office.com/en-us/microsoft-teams/free?icid=SSM_AS_Promo_Apps_MicrosoftTeams
Source: chromecache_319.2.dr	String found in binary or memory: https://secure.adnxs.com/px?id=1776578&t=2
Source: chromecache_190.2.dr	String found in binary or memory: https://signup.live.com/signup
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css?c=7
Source: chromecache_319.2.dr	String found in binary or memory: https://storage.live.com/users/0x
Source: chromecache_190.2.dr	String found in binary or memory: https://temp.sh/MvTQc/atch_Medical_Report_Scan05202024.exe
Source: chromecache_213.2.dr	String found in binary or memory: https://www.clarity.ms/tag/uet/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://www.onenote.com/
Source: chromecache_177.2.dr, chromecache_182.2.dr, chromecache_233.2.dr, chromecache_204.2.dr	String found in binary or memory: https://www.skype.com/en/
Source: chromecache_201.2.dr	String found in binary or memory: https://www.suno.ai/legal/privacy
Source: chromecache_201.2.dr	String found in binary or memory: https://www.suno.ai/legal/terms
Source: chromecache_335.2.dr	String found in binary or memory: https://www.suno.ai/privacy)
Source: chromecache_335.2.dr	String found in binary or memory: https://www.suno.ai/terms)
Source: chromecache_204.2.dr	String found in binary or memory: https://www.xbox.com/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49698
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49674 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49698 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49716 version: TLS 1.2

Source: classification engine

Classification label: mal68.phis.win@30/342@42/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6524 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6460 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6524 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6460 --field-trial-handle=1992,i,13347417480078568118,3404620895166196032,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1446913
Product:	CloudBasic
Start time:	00:55:36
Start date:	24.05.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://ms-1drive.com/v/794850bf-f104-442e-acb0-475634834dda