Windows Analysis Report
https://jmawireless-my.sharepoint.com

Overview

General Information

Sample URL:	https://jmawireless-my.sharepoint.com
Analysis ID:	1447354
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Detected non-DNS traffic on DNS port

Detected suspicious crossdomain redirect

HTML body contains low number of good links

HTML title does not match URL

Classification

Signatures

HTML body contains low number of good links

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: Title: Redirecting does not match URL
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: Title: Sign in to your account does not match URL

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true

HTTP Parser: <input type="password" .../> found

HTTP Parser: No favicon

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49743 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:53088 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:55335 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: jmawireless-my.sharepoint.com to https://login.microsoftonline.com:443/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5fid=00000003%2d0000%2d0ff1%2dce00%2d000000000000&response%5fmode=form%5fpost&response%5ftype=code%20id%5ftoken&resource=00000003%2d0000%2d0ff1%2dce00%2d000000000000&scope=openid&nonce=e6a2b527bb3449ca22bede4081962dce768f18e74e27a196%2d7665cd0448c60d689d4ffcc8a5d9a9986c1bcb6b6b79ca8fcad4cd443bdba5e2&redirect%5furi=https%3a%2f%2fjmawireless%2dmy%2esharepoint%2ecom%2f%5fforms%2fdefault%2easpx&state=od0w&claims=%7b%22id%5ftoken%22%3a%7b%22xms%5fcc%22%3a%7b%22values%22%3a%5b%22cp1%22%5d%7d%7d%7d&wsucxt=1&cobrandid=11bd8083%2d87e0%2d41b5%2dbb78%2d0bc43c8a8e8a&client%2drequest%2did=23e42ba1%2d50b5%2d5000%2da2da%2dbc6ed7468b83

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: jmawireless-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/Authenticate.aspx?Source=%2F HTTP/1.1Host: jmawireless-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie HTTP/1.1Host: jmawireless-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: RpsContextCookie=U291cmNlPSUyRg==
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_9oft0ybq1qhuafkqh5wryq2.css HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vtf__v_j2jh3v2otg9k3lq2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/illustration?ts=637441741242033826 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/bannerlogo?ts=637951424196423663 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/bannerlogo?ts=637951424196423663 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/illustration?ts=637441741242033826 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_presetpasswordsplitter_f7fbb7540d7be2ae771b.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: jmawireless-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauthimages.net
Source: global traffic	DNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
Source: global traffic	DNS traffic detected: DNS query: passwordreset.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com

Source: chromecache_164.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_165.2.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: chromecache_195.2.dr, chromecache_204.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_195.2.dr, chromecache_204.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_169.2.dr	String found in binary or memory: https://account.live.com/resetpassword.aspx
Source: chromecache_190.2.dr, chromecache_177.2.dr, chromecache_154.2.dr, chromecache_174.2.dr, chromecache_164.2.dr, chromecache_195.2.dr, chromecache_204.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_145.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_145.2.dr	String found in binary or memory: https://login.windows-ppe.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49743 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@22/108@28/9

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,10823017092375802373,5579075643260688422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://jmawireless-my.sharepoint.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,10823017092375802373,5579075643260688422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
13.107.136.10	dual-spo-0005.spo-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.67	part-0039.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.185.164	www.google.com	United States	15169	GOOGLEUS	false
13.107.213.60	part-0032.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.226.67	part-0039.t-0009.fb-t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
152.199.23.37	cs1100.wpc.omegacdn.net	United States	15133	EDGECASTUS	false

Private

IP
192.168.2.4
192.168.2.5

Contacted Domains

Name	IP	Active
part-0039.t-0009.t-msedge.net	13.107.246.67	true
dual-spo-0005.spo-msedge.net	13.107.136.10	true
cs1100.wpc.omegacdn.net	152.199.23.37	true
part-0032.t-0009.t-msedge.net	13.107.213.60	true
www.google.com	142.250.185.164	true
part-0039.t-0009.fb-t-msedge.net	13.107.226.67	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
autologon.microsoftazuread-sso.com	40.126.32.138	true
passwordreset.microsoftonline.com	unknown	unknown
identity.nel.measure.office.net	unknown	unknown
aadcdn.msftauth.net	unknown	unknown
login.microsoftonline.com	unknown	unknown
jmawireless-my.sharepoint.com	unknown	unknown
ajax.aspnetcdn.com	unknown	unknown
aadcdn.msftauthimages.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://aadcdn.msftauthimages.net/dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/illustration?ts=637441741242033826	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_presetpasswordsplitter_f7fbb7540d7be2ae771b.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg	false	URL Reputation: safe	unknown
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vtf__v_j2jh3v2otg9k3lq2.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js	false	Avira URL Cloud: safe	unknown
https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	false		unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_9oft0ybq1qhuafkqh5wryq2.css	false	Avira URL Cloud: safe	unknown
https://jmawireless-my.sharepoint.com/	false	Avira URL Cloud: safe	unknown
https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	false		unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif	false	URL Reputation: safe	unknown
https://jmawireless-my.sharepoint.com/_layouts/15/Authenticate.aspx?Source=%2F	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauthimages.net/dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/bannerlogo?ts=637951424196423663	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif	false	URL Reputation: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	false	URL Reputation: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg	false	URL Reputation: safe	unknown
https://jmawireless-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie	false	Avira URL Cloud: safe	unknown
https://aadcdn.msftauth.net/shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg	false	URL Reputation: safe	unknown
https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	false		unknown
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 144	PNG image data, 192 x 103, 8-bit/color RGBA, non-interlaced	91821BD2E6B92C98235D686A1EED2143	196B7D9C770638AB60021063E2E49097B081B1B9	381DCF4936A6D425D97D719E4E4C47A2A6D07A7933F16709AEC9AE383FBFC716
Chrome Cache Entry: 145	HTML document, ASCII text, with very long lines (2345), with CRLF line terminators	E86EF8B6111E5FB1D1665BCDC90888C9	994BF7651CB967CD9053056AF2D69ACB74DB7F29	3410242720DE50B090D07A23AEE2DAD879B31D36F2615732962EC4CFA8A9D458
Chrome Cache Entry: 146	SVG Scalable Vector Graphics image	2D8F86059BE176833897099EE6DDEDEB	93A2E327027DEED53076E86BFA7D9EEBBF0CC4B9	34D8DA073F47030EE94B99D84FBE68E3345BD8AAA37EA909FF2DA00238447486
Chrome Cache Entry: 147	HTML document, Unicode text, UTF-8 text, with very long lines (941), with CRLF line terminators	B1357E51586896F14A63743CB9EC163C	91AC0AA31A90D4F10B62E7C6D238AC3F2D2A9E5C	806BB02EB703D4651546EEB70BC1D82C8D5B7EB72F65D4B5EB28BB311846DAA4
Chrome Cache Entry: 148	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 149	ASCII text, with very long lines (61177)	F4E7EDD1806AD6A86E69F910879591C9	D39B8F7E60C1D3832296ECED130B6A9EE4CD24D8	7363ADBB18193C85AC24339AB57B08DF1C8EF875186EDBC85D1CE9184A05A20B
Chrome Cache Entry: 150	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8EDFCD3F7A179CFF6B123DFF50F29770	7A2D9BB4B9F6072AB3049E6421021A5BA0A3DADF	D0B747C7F7414A08B0D5107832B2F4BB44A9BB4A3AAD28390F58EDE8BBEA6AE1
Chrome Cache Entry: 151	SVG Scalable Vector Graphics image	F83EBFF69A4A1685E4DC9650CDAB8886	FD21658884945B00157557AE06803DAA6A9F10C6	7B1669DA90261CDB1483950BB480AD96875F84B09BC48D1055303CE94821BF64
Chrome Cache Entry: 152	ASCII text, with very long lines (65446), with CRLF line terminators	0732E3EABBF8AA7CE7F69EEDBD07DFDD	4CD5DDC413B3024D7B56331C0D0D0B2BD933F27F	CE9D07500AD91EC2B524C270764EC4C9A33E78320D8D374EC400EDE488F6251B
Chrome Cache Entry: 153	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced	8DC34013E911C5F68FC2BCA0400CB06F	16BAFA91AF100D65C4945F04E0C6E1643B98CF00	795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
Chrome Cache Entry: 154	ASCII text, with very long lines (512)	39A0EB35CD7799A181D34F4AE1DDB496	E933CA8534BCB6AD79D240316CE23C8B870050D0	C8CEF105FCAF7CBF3F8682C861045505C24D41CF6686C20C1C03E14031A3DB69
Chrome Cache Entry: 155	MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel	877784A5F5808CEFA2B61E73BFCF8EAE	6A0E7EDA2734D7BBBA3CE38D37B347DF001B1DBF	BE7F0632337BC381D4962125545A5CC3C1E84E2D03DBDB97AB3D79AD78B91B6D
Chrome Cache Entry: 156	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 157	PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced	C651D60A08FF0F579E2EB9BE6043A3C6	E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55	7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
Chrome Cache Entry: 158	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 159	ASCII text, with CRLF line terminators	90EA7274F19755002360945D54C2A0D7	647B5D8BF7D119A2C97895363A07A0C6EB8CD284	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
Chrome Cache Entry: 160	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 161	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 162	SVG Scalable Vector Graphics image	2D8F86059BE176833897099EE6DDEDEB	93A2E327027DEED53076E86BFA7D9EEBBF0CC4B9	34D8DA073F47030EE94B99D84FBE68E3345BD8AAA37EA909FF2DA00238447486
Chrome Cache Entry: 163	ASCII text, with very long lines (2054)	439A53994F1A9C860C7787ED5100CA0C	15BA120F64BBF6A59A457841B10DF0D6D1B4574C	441BFA485FB0EB8AD2BE7001209868B57C41769CAE9512A774419F5882C093E6
Chrome Cache Entry: 164	ASCII text, with very long lines (43896)	764E526CEF65C9F062BB8E83D8EBCE0B	F5166F7B003CBE1B171BE88AA65D2E3FD2331366	474CE0790CEB18A100CEBAF1AC0915A51389FCAE0830C3B44BFA1E365D40B2B4
Chrome Cache Entry: 165	ASCII text, with very long lines (65450), with CRLF line terminators	75CF78D0E38C65A538AD253CA9E48DBE	BF0452E4A42A9AF3B69D5D8C3A3A0433F14921B6	DF2AA8537C1992C94846A0FFFFAA9031D430D9D0210B9E396EC059AFF62627E0
Chrome Cache Entry: 166	ASCII text, with CRLF line terminators	A870B45AC5D6B0D4E18C4829C7B660B4	2D3CA0E1F19EFDEB9B2DD3DCFFB17F8ABA118AA0	144524233F795D6A425B76F7AE5C0BB622B5F67E2E6AE73532AD526528CA07CF
Chrome Cache Entry: 167	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 168	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 169	HTML document, Unicode text, UTF-8 text, with very long lines (1094), with CRLF line terminators	FE85DF425B95297E7D7E388A7C0D6DE5	3C9680147BBEA42B2E764A995119D89188F01A6C	352B8A2025EDDD7FCF2883FAC22EF9A0AEB5C3A38F238E016EACD9BA1B582214
Chrome Cache Entry: 170	ASCII text, with CRLF line terminators	A17520454D4A65A399B863B5CC46D3FC	0A02C72D7AFCD5198C590108E7F2302A1F75544D	62E5E7DC19D018BEDB24E2C89ED41271B9D94A6DDE3359CC9CABBC315385C0E5
Chrome Cache Entry: 171	gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 444890	9D04112039AA1DB4EA5F49C521125D6A	D3BBFB157E00A0BA12A53AEE8BC05711849B51F0	DFB209628564E6F287D8154B1DD0CAEA878E9FEB3EA65BDF16E49EC4354CEF69
Chrome Cache Entry: 172	PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced	36AFB641BECFAD75FED5F4E6E8C39268	2495652F017B7A06D796AFE9C4A06ECD54F9CCFE	5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
Chrome Cache Entry: 173	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 174	ASCII text, with very long lines (3757)	3631AA6B55B811946DE4FC289031778B	8CD792280A0594585289DBA2748D51FE81904AC7	3957106AD7B920D6D8E73EF7B9DE532CAE05E78DF5DB847777F73193AA4086A8
Chrome Cache Entry: 175	PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced	C651D60A08FF0F579E2EB9BE6043A3C6	E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55	7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
Chrome Cache Entry: 176	SVG Scalable Vector Graphics image	4E48046CE74F4B89D45037C90576BFAC	4A41B3B51ED787F7B33294202DA72220C7CD2C32	8E6DB1634F1812D42516778FC890010AA57F3E39914FB4803DF2C38ABBF56D93
Chrome Cache Entry: 177	ASCII text, with very long lines (14735)	5316E62A0EED2307FB8BCD111E96CB8F	71240D69183FDCCB39FE26A96045734C431A3F56	35AFB11DAB6EDCBC989A25FE5CF19F5D8289499232B7EC775F318D8B8A5BBF78
Chrome Cache Entry: 178	PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced	D4FFE61373F6AA32EEB8CA7CD41AB980	4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674	D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
Chrome Cache Entry: 179	ASCII text, with no line terminators	06B313E93DD76909460FBFC0CD98CB6B	C4F9B2BBD840A4328F85F54873C434336A193888	B4532478707B495D0BB1C21C314AEF959DD1A5E0F66E52DAD5FC332C8B697CBA
Chrome Cache Entry: 180	MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel	877784A5F5808CEFA2B61E73BFCF8EAE	6A0E7EDA2734D7BBBA3CE38D37B347DF001B1DBF	BE7F0632337BC381D4962125545A5CC3C1E84E2D03DBDB97AB3D79AD78B91B6D
Chrome Cache Entry: 181	ASCII text, with CRLF line terminators	11FE4E6509513DB245F1F97E37C5D3AB	05322C35B6BFAE84CE8C626BD7B1F8C4A6F15A6D	78D437B40A85299F96ED9D02E35F23FD3D3EF63D844D8D2523A15516F7E1D09C
Chrome Cache Entry: 182	ASCII text, with very long lines (39257), with CRLF line terminators	DA9DC1C32E89C02FC1E9EEB7E5AAB91E	3EFB110EFA6068CE6B586A67F87DA5125310BC30	398CDF1B27EF247E5BC77805F266BB441E60355463FC3D1776F41AAE58B08CF1
Chrome Cache Entry: 183	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced	8DC34013E911C5F68FC2BCA0400CB06F	16BAFA91AF100D65C4945F04E0C6E1643B98CF00	795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
Chrome Cache Entry: 184	ASCII text, with CRLF line terminators	B3D7A123BE5203A1A3F0F10233ED373F	F4C61F321D8F79A805B356C6EC94090C0D96215C	EF9453F74B2617D43DCEF4242CF5845101FCFB57289C81BCEB20042B0023A192
Chrome Cache Entry: 185	PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced	D4FFE61373F6AA32EEB8CA7CD41AB980	4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674	D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
Chrome Cache Entry: 186	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 187	PNG image data, 720 x 405, 8-bit/color RGBA, non-interlaced	8B91FDADC21BBE0468671EBB2688DC87	F9FEA146526696893D026932E1030C82108C28B5	5E336553D4B87CB8CBA3013CF94AC3F454890D0173F40482715A40CBB6D0CA22
Chrome Cache Entry: 188	PNG image data, 720 x 405, 8-bit/color RGBA, non-interlaced	8B91FDADC21BBE0468671EBB2688DC87	F9FEA146526696893D026932E1030C82108C28B5	5E336553D4B87CB8CBA3013CF94AC3F454890D0173F40482715A40CBB6D0CA22
Chrome Cache Entry: 189	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	ACA0F1B02DC406E76DDC5F2BDEBEC6CE	594C930BE86B8843377565E349D2A10F1755A13A	0446C6FD9AEB7DCD7CC089FA25323B1AE9AFA77B4CF8D4449F7D2D1B2467393A
Chrome Cache Entry: 190	ASCII text, with very long lines (64612)	B6783C7717E4042517138D9C9A48C867	7A7D6B0F36C2A3B557F1A75461630D433E5F4942	4BE11C075187615ADAF493D54CB7B05556E76806AED2B3B082D72952D0025BE5
Chrome Cache Entry: 191	MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors	12E3DAC858061D088023B2BD48E2FA96	E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5	90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21
Chrome Cache Entry: 192	ASCII text, with no line terminators	D1690731F22021E1466FBCD0DB6326EF	78F95BA0B7F82BBB7067000242DE860594ABD9C3	490216DF4F089BB5C249BCF4034D0671254CA4236EC3ECA935AAC4B17E0FC7F3
Chrome Cache Entry: 193	ASCII text, with CRLF line terminators	DBFAC7887A157C9B73DC42927FC15B74	435FD188BF66F0207EEB298DD13228D17D36E4D1	FC66E3943BC6EDC7B1F79D952D31DABCBA3BD576190DEEB9A7518CEE6B75C5A1
Chrome Cache Entry: 194	GIF image data, version 89a, 22 x 22	309B41EE7A44BD51E5D1B52CCC620E5B	B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08	F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
Chrome Cache Entry: 195	ASCII text, with very long lines (45741)	458DE95432EF8D4FCA28BB532B18C314	2A35163C1225E25DF8427B5D877CFE43299BE502	3332D913029F564F91B3EE85ABB4FA444D8DB0F97B346804088FA4B9DA643F66
Chrome Cache Entry: 196	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 197	Unicode text, UTF-8 text, with very long lines (32097)	BD317FFEFFE3D89877BF63931BD9372D	042DDBB953EFD7BDFF3D22AD97BCA0A81EB57149	1EC2987C5CA4DC62E68F417FD75187C267E3ED438167546396CE913019F9FFFC
Chrome Cache Entry: 198	GIF image data, version 89a, 22 x 22	309B41EE7A44BD51E5D1B52CCC620E5B	B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08	F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
Chrome Cache Entry: 199	GIF image data, version 89a, 24 x 24	93DE6FB07C1382459E473381DA5D0E7E	4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A	E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
Chrome Cache Entry: 200	PNG image data, 192 x 103, 8-bit/color RGBA, non-interlaced	91821BD2E6B92C98235D686A1EED2143	196B7D9C770638AB60021063E2E49097B081B1B9	381DCF4936A6D425D97D719E4E4C47A2A6D07A7933F16709AEC9AE383FBFC716
Chrome Cache Entry: 201	ASCII text, with very long lines (65447)	83713513412973906E8AF09A0273990E	4C4BBCE9495EAA024FCE23D605A531ED45CF3D82	601831BF3AF536E09A0B447B06785D00160C234C3073EE13B4DD19D6AAAFC68A
Chrome Cache Entry: 202	SVG Scalable Vector Graphics image	F83EBFF69A4A1685E4DC9650CDAB8886	FD21658884945B00157557AE06803DAA6A9F10C6	7B1669DA90261CDB1483950BB480AD96875F84B09BC48D1055303CE94821BF64
Chrome Cache Entry: 203	ASCII text, with very long lines (65329), with CRLF line terminators	C89EAA5B28DF1E17376BE71D71649173	2B34DF4C66BB57DE5A24A2EF0896271DFCA4F4CD	66B804E7A96A87C11E1DD74EA04AC2285DF5AD9043F48046C3E5000114D39B1C
Chrome Cache Entry: 204	ASCII text, with very long lines (64616)	74F81077DDD865963051B0D007623E01	CCB91BA16783454A46DE7608C1DFD03DD49BC28B	98C0872339E166FC98D211C46849DD6E739397F427E23B241CED88C5C126E2A9
Chrome Cache Entry: 205	GIF image data, version 89a, 24 x 24	93DE6FB07C1382459E473381DA5D0E7E	4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A	E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
Chrome Cache Entry: 206	PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced	36AFB641BECFAD75FED5F4E6E8C39268	2495652F017B7A06D796AFE9C4A06ECD54F9CCFE	5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200

HTML body contains low number of good links

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: Number of links: 0
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: Number of links: 0
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0

HTML title does not match URL

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: Title: Redirecting does not match URL
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: Title: Sign in to your account does not match URL

HTTP Parser: <input type="password" .../> found

HTTP Parser: No favicon

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found

Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://login.microsoftonline.com/fd4efb89-68eb-42bb-bd22-018f0e50365b/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=E6A2B527BB3449CA22BEDE4081962DCE768F18E74E27A196%2D7665CD0448C60D689D4FFCC8A5D9A9986C1BCB6B6B79CA8FCAD4CD443BDBA5E2&redirect%5Furi=https%3A%2F%2Fjmawireless%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=23e42ba1%2D50b5%2D5000%2Da2da%2Dbc6ed7468b83&sso_reload=true	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2ffd4efb89-68eb-42bb-bd22-018f0e50365b%2freprocess%3fctx%3drQQIARAAnVE_aNRgHE2aa-ydrT3q4ljOTj1z-ZJ8Sb4cdMi_04ras3-gnsiRP1_aeJdLmqTtXUsXdRAE6eyidnDoJIJYqqJzcegm3CxSO4h06qZ3uDgW3w8ej9_weLw3SXElrjwB_kJg-swAz-MYB_fVP4jHcvmXxW-X31aJ6k73Q-tr5cnDXVJZTtMoKbPs_cBa92PcxEnCBJ1SsmzFOAr9VlpywoCte2EcJKyLPWu1mZasJGrvkeQhSR6R5O7AiimpvCbysqYJECq6yvOaaZgQIE6ReEM3ZQlVOGTK0ORltfdjZEkSdQNAiHQJGBJSDFip6DpSRUNRFQVJOqfpmtQ7uWeHKrpqQN2AUNAMTRVNvjswOqOupst8n8LY38AnA9l-xnoUJukzKjNjgPVd6kzFvKEmPBdiz0YKIyFsM5C3bcZ2eZ4BHPIAFoEgifYBRYcRbvnuYYY8zgwDqjw0lMsTl4hx4jRD7gz26qW-f9z7RL9Tn_64-GX8_XXiYJBV51bWOq1bSzP29Ea7eGceuKo8JwZsI8Li_A2cWI0FVujUlAUOTEllbpsmt2l6n84OUXmiQOlV7hdNPj5H7Gf_f6jD82R3mMtlndCOrZbru2MTHGe7CCCBQTIGDORskbFtGTHAdqDgIAthZHWHYY52mpYfJGOTmwXfradhA7cK5c1CO0jqjtNXa1ZzFSeF8t1CL2rh3tbW1oORM7l_HiFOLxy9eHXy-9Hzn9eOR6_UrGrnqrbeuA2XikUnmk1qi8XZxZuNtoDnKpEcgXRaEWqRHBfVqdd54g81&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49743 version: TLS 1.2

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.4:53088 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:55335 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 95.101.200.226
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: jmawireless-my.sharepoint.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_layouts/15/Authenticate.aspx?Source=%2F HTTP/1.1Host: jmawireless-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie HTTP/1.1Host: jmawireless-my.sharepoint.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: RpsContextCookie=U291cmNlPSUyRg==
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_RY3pVDLvjU_KKLtTKxjDFA2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_9oft0ybq1qhuafkqh5wryq2.css HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_vtf__v_j2jh3v2otg9k3lq2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_T2EBBtMmyv072RjbQwNpoQ2.js HTTP/1.1Host: aadcdn.msauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://login.microsoftonline.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_8e14dcf0e3ff5580d170.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_7c1aa7609345f99e4914.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/illustration?ts=637441741242033826 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/bannerlogo?ts=637951424196423663 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/bannerlogo?ts=637951424196423663 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dbd5a2dd-lfa6jvlreimgywhhs-c8kmaqnihskpfu3l8mv5xcc9i/logintenantbranding/0/illustration?ts=637441741242033826 HTTP/1.1Host: aadcdn.msftauthimages.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_ea3e62a2bdfb2b2ee8c8.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_presetpasswordsplitter_f7fbb7540d7be2ae771b.js HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://login.microsoftonline.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_aad_a8332c62695d74843a11daf39a74e552.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/picker_account_msa_3b879963b4f70829fd7a25cbc9519792.svg HTTP/1.1Host: aadcdn.msftauth.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: jmawireless-my.sharepoint.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauthimages.net
Source: global traffic	DNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
Source: global traffic	DNS traffic detected: DNS query: passwordreset.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: ajax.aspnetcdn.com

Source: chromecache_164.2.dr	String found in binary or memory: http://feross.org
Source: chromecache_165.2.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: chromecache_195.2.dr, chromecache_204.2.dr	String found in binary or memory: http://knockoutjs.com/
Source: chromecache_195.2.dr, chromecache_204.2.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php)
Source: chromecache_169.2.dr	String found in binary or memory: https://account.live.com/resetpassword.aspx
Source: chromecache_190.2.dr, chromecache_177.2.dr, chromecache_154.2.dr, chromecache_174.2.dr, chromecache_164.2.dr, chromecache_195.2.dr, chromecache_204.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js
Source: chromecache_145.2.dr	String found in binary or memory: https://login.microsoftonline.com
Source: chromecache_145.2.dr	String found in binary or memory: https://login.windows-ppe.net

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53090
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789

Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 95.101.200.226:443 -> 192.168.2.4:49743 version: TLS 1.2

Source: classification engine

Classification label: clean2.win@22/108@28/9

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,10823017092375802373,5579075643260688422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://jmawireless-my.sharepoint.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 --field-trial-handle=2012,i,10823017092375802373,5579075643260688422,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Next

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1447354
Product:	CloudBasic
Start time:	21:29:39
Start date:	24.05.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://jmawireless-my.sharepoint.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://jmawireless-my.sharepoint.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://jmawireless-my.sharepoint.com