Windows Analysis Report
_Ggerlach_Benefits_and_Commission_2024.svg

Overview

General Information

Sample name:	_Ggerlach_Benefits_and_Commission_2024.svg
Analysis ID:	1528466
MD5:	d11f832f7608592a2c282c2a2cd9ffa8
SHA1:	f6f43da139b190094d2b0567b75688cbb0d10682
SHA256:	5000cbc52a5d72f136e77077499e917daa6d3ec9ccf5651104dbd4a7ee1c3c57
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Uses a known web browser user agent for HTTP communication

Classification

Signatures

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.4:443 -> 192.168.2.16:49775 version: TLS 1.2

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox View	IP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox View	IP Address: 13.107.246.45 13.107.246.45
Source: Joe Sandbox View	IP Address: 23.55.235.170 23.55.235.170

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Uses a known web browser user agent for HTTP communication

Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /crx/blobs/AYA8VywseXPF6DpmaP2KXF4TdJ6uz1pHJdo7SIzf64awZn_DsPwbF0Oii_eW16b6DjZW2yznOTlm_VxQeAWAuOcWr9enBdMY228AFVKEGaLo1DSnWlaxBThs2IAXfaAO1h0AxlKa5Znxy93x0I97CvvQ6KVcNCMVw4_g/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_82_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1728941055&P2=404&P3=2&P4=R8hc62l9nW11j05Lzf5XSYAUmoU5kTTrSdc8QXvyEP5NTjwYcD9hSYUfsADrBXVS9ymJh8advQVEMTIG6mv%2fxg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 8jNmE1QvgV6Bhj3XcU+byLSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: OPTIONS /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveOrigin: https://business.bing.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveContent-Length: 938Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /bloomfilterfiles/ExpandedDomainsFilterGlobal.json HTTP/1.1Host: www.bing.comConnection: keep-aliveCookie: ANON=; MUID=;_RwBf=;Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /en-gb/edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 1186APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336342692Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /undersideproactive/api/v1/trigger HTTP/1.1Host: services.bingapis.comConnection: keep-aliveContent-Length: 185Content-Type: application/jsonSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/2e4b955.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/5b15c2a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/24b82ee.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 991APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336344061Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/105d560.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/16d7f8e.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/ec09bb6.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/659e497.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 939APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336346159Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/287b8b9.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/859decd.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/1c2ab9a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/f99a53a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 1000APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336347385Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4775Host: login.live.com
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/navigate/3 HTTP/1.1Host: nav-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1230Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiY0Q5Umt0bmU1WGVKRGFBSFNmZVlLQT09IiwgImhhc2giOiJoamZFdkVOTGxOaz0ifQ==Content-Type: application/json; charset=utf-8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/6e93679.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 704APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336348547Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4775Host: login.live.com
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/76250cb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4742Host: login.live.com
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/9f3b99e.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 934APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336350222Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/toptraffic/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 746Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiWDA0MUx3NE1UVTRjdTVTRzlsU1lHQT09IiwgImhhc2giOiI1WS9Zazc5VUh5MD0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "170540185939602997400506234197983529371"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4742Host: login.live.com
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 997APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336350924Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/shopping/v1/item/search?appid=67220BD2169C2EA709984467C21494086DF8CA85&features=persnlcashback&sf=cashback1 HTTP/1.1Host: www.bing.comConnection: keep-aliveContent-Length: 2188Cookie: ANON=; MUID=;_RwBf=;Content-Type: application/jsonSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/dd71a23.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/bloomfilter/x/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1100Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiT05ZL2cyb3B3ajBHTHZHMk9uWUQ3QT09IiwgImhhc2giOiJQbVZaRzFBNUNSQT0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "636976985063396749.rel.v2"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/navigate/3 HTTP/1.1Host: nav-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1584Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiVXRIZ1huYjFiUThWaFVacEIwTUtwZz09IiwgImhhc2giOiJoMm56ZmZLcnJNVT0ifQ==Content-Type: application/json; charset=utf-8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/settings/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1100Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiT05ZL2cyb3B3ajBHTHZHMk9uWUQ3QT09IiwgImhhc2giOiJQbVZaRzFBNUNSQT0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "2.0-0"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/bloomfilter/x/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1093Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiNzZmaEtqQmFrSEhZU2g4VHBQamlSQT09IiwgImhhc2giOiJyVUpqL0xiWlJCWT0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "638343870221005468"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/03948fb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/cms/lrs1c69a1j/logos/5a74283229e24d0ca59fb94ed941c3a0.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display.5c8aa5a.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display-semibold.b7bb141.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /welcome/static/favicon.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 854APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336362340Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 760APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336364015Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 815APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336368649Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 705APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336371365Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/navigate/3 HTTP/1.1Host: nav-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1640Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiMWJUdXdtSCs0a2F3c3JBaExhOGhPQT09IiwgImhhc2giOiJUdFM0RkRhSGRpMD0ifQ==Content-Type: application/json; charset=utf-8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 1116APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336376051Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212

Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /crx/blobs/AYA8VywseXPF6DpmaP2KXF4TdJ6uz1pHJdo7SIzf64awZn_DsPwbF0Oii_eW16b6DjZW2yznOTlm_VxQeAWAuOcWr9enBdMY228AFVKEGaLo1DSnWlaxBThs2IAXfaAO1h0AxlKa5Znxy93x0I97CvvQ6KVcNCMVw4_g/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_82_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=cGWaYPxgZpr+Hyr&MD=aKXoZ2Bh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1728941055&P2=404&P3=2&P4=R8hc62l9nW11j05Lzf5XSYAUmoU5kTTrSdc8QXvyEP5NTjwYcD9hSYUfsADrBXVS9ymJh8advQVEMTIG6mv%2fxg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 8jNmE1QvgV6Bhj3XcU+byLSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=cGWaYPxgZpr+Hyr&MD=aKXoZ2Bh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /bloomfilterfiles/ExpandedDomainsFilterGlobal.json HTTP/1.1Host: www.bing.comConnection: keep-aliveCookie: ANON=; MUID=;_RwBf=;Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /en-gb/edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/2e4b955.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/5b15c2a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/24b82ee.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/105d560.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/16d7f8e.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/ec09bb6.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/659e497.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/287b8b9.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/859decd.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/1c2ab9a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/f99a53a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/6e93679.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/76250cb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/9f3b99e.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/dd71a23.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/03948fb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/cms/lrs1c69a1j/logos/5a74283229e24d0ca59fb94ed941c3a0.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display.5c8aa5a.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display-semibold.b7bb141.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /welcome/static/favicon.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8

Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com/&origin=PinningWizard equals www.facebook.com (Facebook)
Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard equals www.youtube.com (Youtube)
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
Source: 000003.log7.3.dr	String found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log7.3.dr	String found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log7.3.dr	String found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com/&origin=PinningWizard equals www.facebook.com (Facebook)
Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard equals www.youtube.com (Youtube)
Source: Favicons.3.dr	String found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: Favicons.3.dr	String found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: imgur.com
Source: global traffic	DNS traffic detected: DNS query: bzib.nelreports.net
Source: global traffic	DNS traffic detected: DNS query: i.imgur.com
Source: global traffic	DNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com

Source: unknown

HTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundX-Cache: CONFIG_NOCACHEAccept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-VersionX-MSEdge-Ref: Ref A: 830517F1F485466EB2C072F728EC72BC Ref B: EWR311000104019 Ref C: 2024-10-07T21:25:45ZDate: Mon, 07 Oct 2024 21:25:45 GMTConnection: closeContent-Length: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:25:47 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx000001c5a9c3590212858-00670451db-7288d13a-defaultAccept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:25:47 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx00000872941ddaea3b8b5-00670451d4-7311adea-defaultAccept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:25:51 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx00000bdd9cafcd3d6f40f-00670451d9-72889e81-defaultAccept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:26:15 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx000006803c47cfea47611-00670451ea-73836779-defaultAccept-Ranges: bytes

Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://bard.google.com/
Source: Reporting and NEL.4.dr	String found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: Web Data.3.dr	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: Web Data.3.dr	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: manifest.json0.3.dr	String found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json0.3.dr	String found in binary or memory: https://chromewebstore.google.com/
Source: a04585d0-7636-4cd6-9302-8f8bda126ce8.tmp.4.dr, 59bb6c52-a06e-44a8-8c93-d1019159a813.tmp.4.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json.3.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: a04585d0-7636-4cd6-9302-8f8bda126ce8.tmp.4.dr, 59bb6c52-a06e-44a8-8c93-d1019159a813.tmp.4.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: Reporting and NEL.4.dr	String found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
Source: manifest.json.3.dr	String found in binary or memory: https://docs.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive.google.com/
Source: Web Data.3.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: Web Data.3.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: Web Data.3.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log6.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr, HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: Favicons.3.dr	String found in binary or memory: https://edgestatic.azureedge.net/welcome/static/favicon.png
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://excel.new?from=EdgeM365Shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://gaana.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://i.y.qq.com/n2/m/index.html
Source: _Ggerlach_Benefits_and_Commission_2024.svg	String found in binary or memory: https://imgur.com/i0nWQPo.png
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
Source: 000003.log.3.dr	String found in binary or memory: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/
Source: Session_13372809853927186.3.dr	String found in binary or memory: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/in
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://m.kugou.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://m.soundcloud.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://m.vk.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://music.amazon.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://music.apple.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://music.yandex.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://open.spotify.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/mail/0/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/mail/0/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://tidal.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://twitter.com/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.3.dr	String found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.3.dr	String found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.3.dr	String found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://vibe.naver.com/today
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.telegram.org/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.whatsapp.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://word.new?from=EdgeM365Shoreline
Source: Favicons.3.dr	String found in binary or memory: https://www.aliexpress.com/
Source: Favicons.3.dr	String found in binary or memory: https://www.amazon.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.deezer.com/
Source: content.js.3.dr, content_new.js.3.dr	String found in binary or memory: https://www.google.com/chrome
Source: Web Data.3.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.iheart.com/podcast/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.instagram.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.last.fm/
Source: Favicons.3.dr	String found in binary or memory: https://www.live.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.messenger.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
Source: Favicons.3.dr	String found in binary or memory: https://www.netflix.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.office.com
Source: Favicons.3.dr	String found in binary or memory: https://www.office.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
Source: Favicons.3.dr	String found in binary or memory: https://www.reddit.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.tiktok.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.youtube.com
Source: Favicons.3.dr	String found in binary or memory: https://www.youtube.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://y.music.163.com/m/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.4:443 -> 192.168.2.16:49775 version: TLS 1.2

Source: classification engine

Classification label: clean1.winSVG@62/256@14/17

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

File created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6704517A-D68.pma

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

File created: C:\Users\user\AppData\Local\Temp\fbde4b75-5c54-43f0-9fa3-751df5604815.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\Desktop\_Ggerlach_Benefits_and_Commission_2024.svg
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1960,i,12678008410117373553,10809593292764261393,262144 /prefetch:3
Source: unknown	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\Desktop\_Ggerlach_Benefits_and_Commission_2024.svg
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6468 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6416 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6488 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1960,i,12678008410117373553,10809593292764261393,262144 /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6468 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6416 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6488 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: Web Data.3.dr	Binary or memory string: outlook.office365.comVMware20,11696584680t
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696584680p
Source: Web Data.3.dr	Binary or memory string: Canara Change Transaction PasswordVMware20,11696584680^
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - EU WestVMware20,11696584680n
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - HKVMware20,11696584680]
Source: Web Data.3.dr	Binary or memory string: microsoft.visualstudio.comVMware20,11696584680x
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: outlook.office.comVMware20,11696584680s
Source: Web Data.3.dr	Binary or memory string: secure.bankofamerica.comVMware20,11696584680\|UE
Source: Web Data.3.dr	Binary or memory string: Canara Transaction PasswordVMware20,11696584680x
Source: Web Data.3.dr	Binary or memory string: account.microsoft.com/profileVMware20,11696584680u
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: ms.portal.azure.comVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Canara Transaction PasswordVMware20,11696584680}
Source: Web Data.3.dr	Binary or memory string: bankofamerica.comVMware20,11696584680x
Source: Web Data.3.dr	Binary or memory string: turbotax.intuit.comVMware20,11696584680t
Source: Web Data.3.dr	Binary or memory string: Test URL for global passwords blocklistVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Canara Change Transaction PasswordVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: www.interactivebrokers.co.inVMware20,11696584680~
Source: Web Data.3.dr	Binary or memory string: www.interactivebrokers.comVMware20,11696584680}
Source: Web Data.3.dr	Binary or memory string: AMC password management pageVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: trackpan.utiitsl.comVMware20,11696584680h
Source: Web Data.3.dr	Binary or memory string: interactivebrokers.comVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696584680z
Source: Web Data.3.dr	Binary or memory string: tasks.office.comVMware20,11696584680o
Source: Web Data.3.dr	Binary or memory string: discord.comVMware20,11696584680f
Source: Web Data.3.dr	Binary or memory string: global block list test formVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: netportal.hdfcbank.comVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: dev.azure.comVMware20,11696584680j
Source: Web Data.3.dr	Binary or memory string: interactivebrokers.co.inVMware20,11696584680d

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.185.129	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
13.107.246.40	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.246.45	s-part-0017.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
23.55.235.170	unknown	United States	20940	AKAMAI-ASN1EU	false
152.195.19.97	unknown	United States	15133	EDGECASTUS	false
20.42.72.131	unknown	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
96.17.66.27	unknown	United States	16625	AKAMAI-ASUS	false
199.232.196.193	imgur.com	United States	54113	FASTLYUS	false
172.233.128.227	unknown	United States	20940	AKAMAI-ASN1EU	false
172.64.41.3	chrome.cloudflare-dns.com	United States	13335	CLOUDFLARENETUS	false
4.152.133.8	unknown	United States	3356	LEVEL3US	false
13.107.5.80	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
13.107.21.237	unknown	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
4.153.57.10	unknown	United States	3356	LEVEL3US	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
23.45.193.222	unknown	United States	20940	AKAMAI-ASN1EU	false

Private

IP
192.168.2.16

Contacted Domains

Name	IP	Active
chrome.cloudflare-dns.com	172.64.41.3	true
imgur.com	199.232.196.193	true
s-part-0017.t-0009.t-msedge.net	13.107.246.45	true
googlehosted.l.googleusercontent.com	142.250.185.129	true
sni1gl.wpc.nucdn.net	152.199.21.175	true
ipv4.imgur.map.fastly.net	199.232.196.193	true
clients2.googleusercontent.com	unknown	unknown
bzib.nelreports.net	unknown	unknown
i.imgur.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://i.imgur.com/i0nWQPo.png	false		unknown
https://services.bingapis.com/undersideproactive/api/v1/trigger	false		unknown
https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/index.html	false		unknown
https://imgur.com/i0nWQPo.png	false		unknown
https://bzib.nelreports.net/api/report?cat=bingbusiness	false		unknown
https://chrome.cloudflare-dns.com/dns-query	false	URL Reputation: safe	unknown
https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/favicon.ico	false		unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0736222e-3b74-4be9-b55d-77c14bf8bd53.tmp	JSON data	BB5B3C454659FFFC42106073D1BBE35E	07A71E95980D0EA68B85EC41D929BA8B8B961A2B	04BD3F13631063D571503FF0CA50423CAA47BFB87AD7F1D9A006012E02460488
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\083fba8f-bd86-4b71-80b7-2fb72e1b22b6.tmp	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\30f7d711-bdde-4103-8ebe-d9bcf0fc2d55.tmp	JSON data	22D8227242008C5FB1CB75867264AC7D	571663DE46FCC4BB16C8636F8ADF4A7D055C0636	8DDC3896DE3C9F0914D4F8E3A75DF99FAF620EBD556427DC0DEA3A0C75D2E258
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\56563531-98ff-4eeb-b631-b7cc2da2115b.tmp	JSON data	8BDE2937C97A5E3DDC62E67795E7F491	1AD00E3EA11F8D504CC9CC92ADAD979CC3CE197F	C080C04B93EE40A9976A2F82743DCA1B8053F0A8EE83A591724C93DDEEDCBF24
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\90b7c6f2-cbfc-4966-b055-83a6cf5a688e.tmp	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)	data	B5CFA9D6C8FEBD618F91AC2843D50A1C	2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3	BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp	data	B5CFA9D6C8FEBD618F91AC2843D50A1C	2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3	BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6704517A-D68.pma	data	2C3367B854840D1D9CC63E9BDE14D25E	7A9C42A9DB5902408E4AB2CC918CFAC3CF7D3DE3	010C34F959A031D07D7DBCE8D9203ADFDBA2D273946E10F394056BB38CB455F9
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6704517B-1A50.pma	data	F46809F9FC370B02DAA1B26D9C7C3AD4	7CFC1AAF301FAE0F8A6A4C7FA2F10AEA2A089B39	2B9156BE22CA09E432F8E3938E33A5C917E8F900FFA77B684C54432D9657E8C7
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat	data	A7CCECF522C54F332C20F87364541D21	9BC0158838376771524775C6A21B2C288B85DF29	C0DFA7F2AC753029B585282D72FA7FFB637B25EEEABCFABD34F5AFAEF6B52414
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0c34d7f7-24e0-41c8-a3cc-389eba4190d6.tmp	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3b4de697-d0ca-4551-8079-51784d94d4ee.tmp	JSON data	15DABA73FCCE579737AEB9C4D502F2CE	F4BBDDC1DE7498EC4ABF31516DB4F74D1EB49AAF	F5C836E103A86CDA9F97C671C6EADBF13B1CD05D8D3265D2760F93AE7B13F779
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\57dd5b1c-6ddb-46b8-ac26-2b46233d46d7.tmp	JSON data	8DF9F863D4819B10B17AA55BA4614CF1	39B74E6C3F28936721E9677E6F583A4463FFE1C2	C81EC63BA55C7BA6A48624FEDBCDB33AB8AD62A128A4DA9477E8CC0C247C50F5
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5972e13a-5609-4d90-bc9e-10128f0a9ade.tmp	JSON data	95EDCF6D2A0EC7D438ECA54B51471145	BA730354C1BA4E6783EEAE9BCE85315863D86940	AE382AA9FEF4F4E5380DA36C7AC2CF3CA986367E49A29EE0A26EA0ECB6A87C16
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\6a836405-8601-4916-a65e-6de7bdc4ffad.tmp	ASCII text, with very long lines (1597), with CRLF line terminators	3D8183370B5E2A9D11D43EBEF474B305	155AB0A46E019E834FA556F3D818399BFF02162B	6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8fa24d0a-1914-4acb-b532-1431ddff98e3.tmp	JSON data	76CD85C43A64AF6D4FCF906B28C1F9F0	0C10A9432488BEE36CF87984D0F2D46D4CEE5E87	2D53742E36EA3A635A5DD6F62BBC8A00F99DA86C1D5E4DE2F20D4C9D35797595
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\938e1561-67df-40e2-bf41-61810d7b5ac7.tmp	JSON data	E7587B9182E7B0B7A9D18C175BC48F19	1106EF1573D4757C7D429F28E77423B9B2C07A85	1983BDBFDB84996581F4DC11B873B824B911F89EA0B9CC92A24BF7C75A447C3F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log	data	3193EDB20DA8BCDE4929F71B52B11C29	B54CA9B63D6CB65500A94E1AEA92D9B61C3A61AA	ADB28054B65717FC3E856531F9077AE4FEB8802DE43D59697FF409727F239ECC
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG	ASCII text	7C509286F414C2FD5C85F41F564A28C0	8AAAA24C619C422357634420C9B91073AF2FF427	E7C50E4CF3C1A4BF9993E74ADC0805EF75B5E28D02A12A2BC109CEFDB6002304
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)	ASCII text	7C509286F414C2FD5C85F41F564A28C0	8AAAA24C619C422357634420C9B91073AF2FF427	E7C50E4CF3C1A4BF9993E74ADC0805EF75B5E28D02A12A2BC109CEFDB6002304
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1	BAE87612EA21AC4F46DB5841EC86630B	C8AAE949E030A4A605EC2854D426B5C16F882EAE	7B171BF88AB009804283A06348CB6A63614989DC676303080BF327BF5951648F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5	92F9F7F28AB4823C874D79EDF2F582DE	2D4F1B04C314C79D76B7FF3F50056ECA517C338B	6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log	data	7C0DDB5C8A5A1BBE7F2D0345454F2C0C	7C4BC3298EAE96307C29042B8ADACCF1BF1C5619	C244EDEFA3608F436F2F1EC562E45D78C2B3ED2FFB0330828098937AC270FA61
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG	ASCII text	2AA793B68121493069D28D1E81EE3694	B4915F5A1CFB4B12DED2C68163E1618B903669DA	DC93C5F6E410CFA6F411125D6123ADD0AC0679D01F24107A8871E47A8D436D40
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)	ASCII text	2AA793B68121493069D28D1E81EE3694	B4915F5A1CFB4B12DED2C68163E1618B903669DA	DC93C5F6E410CFA6F411125D6123ADD0AC0679D01F24107A8871E47A8D436D40
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db	SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6	F5C44F943C34FFDB9468A5A020C0718C	668C7B549984871CD1E2C2BE0AE063498B15E8AC	6724565B391DA1B090B95102A476914FAD66DBFF3C893046B735E42784D5C993
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log	data	5AD026FFA5632A98BF188EE1AA2D343A	74FA34B28E30D3BFA0687FEEA66810F52D83C93F	9ED7F4B05AC9EA6E86BA56F68D3D53E2882031D73CFE561735308FDEA2FE7097
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)	ASCII text	46295CAC801E5D4857D09837238A6394	44E0FA1B517DBF802B18FAF0785EEEA6AC51594B	0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG	ASCII text	6E165403DB24A4DA9F898F239AFEE30E	528D4F12E0CC66E3BB0157C892EAD993A6497A62	CD0D866E17510F4AB412ED2202C7DEDEC9EDF7105A1D62F32497A960D330F888
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001	OpenPGP Secret Key	5AF87DFD673BA2115E2FCF5CFDB727AB	D5B5BBF396DC291274584EF71F444F420B6056F1	F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json	JSON data	D92FDECEEFE37C540A910BEE0927C1AC	212814CBD672648F9E5D813981EB7928CE9780B1	8276ABD7E0045F40DC071265DCA8B26BF2EB57D16C4E9F15769EB0A2BDAD358D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log	data	BF097D724FDF1FCA9CF3532E86B54696	4039A5DD607F9FB14018185F707944FE7BA25EF7	1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG	ASCII text	620DFD16275B12EA302965A57D888942	152F56844E6508E1530F7BCFC8ECCCA85BBF5EEF	E69EF6009B18A168AEAF2636AFE98CADECF51EB59718024EE7364789B0E2CBFD
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)	ASCII text	620DFD16275B12EA302965A57D888942	152F56844E6508E1530F7BCFC8ECCCA85BBF5EEF	E69EF6009B18A168AEAF2636AFE98CADECF51EB59718024EE7364789B0E2CBFD
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log	data	BF097D724FDF1FCA9CF3532E86B54696	4039A5DD607F9FB14018185F707944FE7BA25EF7	1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG	ASCII text	413CAC8C58E5E2993857AE3E3E372A2D	0783770E010263C88ADE4CEC4F7FAE2A166B8759	F4DB0DB03CE85EDA673490EB58934DFFBBB9C4C66D7983A7DD17E83C86EAEC77
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)	ASCII text	413CAC8C58E5E2993857AE3E3E372A2D	0783770E010263C88ADE4CEC4F7FAE2A166B8759	F4DB0DB03CE85EDA673490EB58934DFFBBB9C4C66D7983A7DD17E83C86EAEC77
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log	data	826B4C0003ABB7604485322423C5212A	6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4	C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG	ASCII text	CC62BDB762EFD65FFC68BA4C226D4720	F53361D9010F7C7F695626B47B44723B2638153D	95C1B10B30DE5D7DEBD59BEBAFB4DEAC0A1669A17F4C7786270EA6293E676802
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)	ASCII text	CC62BDB762EFD65FFC68BA4C226D4720	F53361D9010F7C7F695626B47B44723B2638153D	95C1B10B30DE5D7DEBD59BEBAFB4DEAC0A1669A17F4C7786270EA6293E676802
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json	JSON data	5D1D9020CCEFD76CA661902E0C229087	DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6	B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Favicons	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 16, cookie 0x8, schema 4, UTF-8, version-valid-for 3	E553776CC1E7E886351C3EF275D852D9	C7B67263DE2352F582FB72C8A639E2901F6101AB	DB236B341B644E35D04521F0F637BCE6A9332D9551952D38822DFF84871C839A
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History	SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2	C101CF99C225B98BA30A3420BE9A6D50	64B957AE352016DDB62DD377C76E12CB163DFCA7	72D77A03623EB9A6BBB4941BE758178E25481B9A7DAAB39E56240F806BF5A08E
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)	ASCII text, with very long lines (1597), with CRLF line terminators	3D8183370B5E2A9D11D43EBEF474B305	155AB0A46E019E834FA556F3D818399BFF02162B	6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons	SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 6	A64D5E74E10FEF973439312C8479AD23	440977F6A3FD57C631820D6D5B911BD1D9270FF2	340DCD90D226B09B996C2F1DA4011597E12C467E052F765F402A8E5D1239626B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\02fa281a-20b5-4ff1-ac37-13e2fb54c445.tmp	MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel	ACC0AB7F7B0EDC65D5E998EA1416D0A4	2CD3A9951E1B6743195D9CFE5806C767C904457A	56FAB4CF8C00D60096FB4701456E22D1970FDC5D239969CD6F900EDA1125FF19
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\51ce0f7a-321a-45dc-ab82-5602ed153573.tmp	MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 20x20, 32 bits/pixel	C2AF1317E4B4D69F45826026DE8A93A5	4B32B4D1A75AD987CBF62093B0C0D0513E3BE04B	C6DF304E249ABBF217DBA6DD62CD30E34D055022168AB4144CD3A502D7ECE12A
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG	ASCII text	5ABA483BE414B8E316A7EDE1D38459DA	41285D81F4F595CEDEB4770B11F7FBFFD68DDF20	798487FFB217631E49CBB2A02A582BFC0CAB29D2B1155840038BD78187651DA8
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)	ASCII text	5ABA483BE414B8E316A7EDE1D38459DA	41285D81F4F595CEDEB4770B11F7FBFFD68DDF20	798487FFB217631E49CBB2A02A582BFC0CAB29D2B1155840038BD78187651DA8
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG	ASCII text	18235EDDF7F8D0635641F1F30CE1CEBA	A2EFF8BFBBAFD3435CDD2905789C645D852E1468	461C5B4808B996B9154EE573BB97A7F545333C93108B6C54429B7CB9E4B8A857
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)	ASCII text	18235EDDF7F8D0635641F1F30CE1CEBA	A2EFF8BFBBAFD3435CDD2905789C645D852E1468	461C5B4808B996B9154EE573BB97A7F545333C93108B6C54429B7CB9E4B8A857
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\039c3a7e-caa6-4ce1-88c2-d93c06180f92.tmp	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\27758115-861a-4e7d-b027-513cb56f2aff.tmp	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\46310893-06d2-411c-9024-0973ab1a4067.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\59bb6c52-a06e-44a8-8c93-d1019159a813.tmp	JSON data	3A0169F3FB56FB1FAE705CBB54C2819A	EDDBF676A73E1252C681F47B0E59A536F48E95BD	6A96EA388E0A441E5F05B2B783F502FBCC054DEBFC222109A94ED7744F1B9531
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF2d538.TMP (copy)	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF34632.TMP (copy)	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL	SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7	1CEFBAFB156FC2B8352D059B7D74D007	5D6CE69B45B341CAE539361F04C5D61A3093C97A	B6900549A28C0EB8C5E9D070BECC5EA783846FF04BB6950BD6C8257AC52AF590
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF1c0f9.TMP (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF1cee4.TMP (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a04585d0-7636-4cd6-9302-8f8bda126ce8.tmp	JSON data	1DF84EE309080D3AE6514442993849F3	01820E11F482F86A362BD24EAE1468B95F51A634	38676795CD7C5D3A477036AA7D1417DA5FEEF07CF3589884943C1AA24FB1EB7C
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ee337360-9307-46c0-b000-c413b53ecca5.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\efaa457c-2f54-4b95-86ae-8727e048a4f3.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history	SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3	558A3F8C86B4E6580B54E8F7FA7E3DAF	BE2CA20287B762D66037530A721A825786816845	4821B776B0FDC4190DB1B261174F6C2D664DD45F3C0D77FE359D7B63FF64609C
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF23aec.TMP (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF266fd.TMP (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2ce43.TMP (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF32655.TMP (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF35361.TMP (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF38d4d.TMP (copy)	JSON data	7E1213DFF6A2AF85509216FBF5A81955	CF83EC3717D2C1510FEC7D77737E64D425B4BE9F	7AC3F8B76B403D15C1047EC489EE8DD2125640DC6D02FB71387D9772ED1E924B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)	JSON data	E7587B9182E7B0B7A9D18C175BC48F19	1106EF1573D4757C7D429F28E77423B9B2C07A85	1983BDBFDB84996581F4DC11B873B824B911F89EA0B9CC92A24BF7C75A447C3F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF22282.TMP (copy)	JSON data	E7587B9182E7B0B7A9D18C175BC48F19	1106EF1573D4757C7D429F28E77423B9B2C07A85	1983BDBFDB84996581F4DC11B873B824B911F89EA0B9CC92A24BF7C75A447C3F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log	data	2460F0AF28D9E0E8EB66E8A400CCCF97	163235E1484B65E43FCDA45AB9B24674BBD2245F	7173861FD7D2351CA8E977BD97C369426414D42BA882E3BD7973FBD07A03AA45
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG	ASCII text	BAC52199D0284E7042D58BC78D542334	6B7360BBABFE6BD635E81AE35D713E35AF87B9E9	D90466349DC2B9CD828DEDBF11A50173E5BF2525E099DA71A09F28291AFB2614
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)	ASCII text	BAC52199D0284E7042D58BC78D542334	6B7360BBABFE6BD635E81AE35D713E35AF87B9E9	D90466349DC2B9CD828DEDBF11A50173E5BF2525E099DA71A09F28291AFB2614
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13372809853927186	data	013C6B366E5487C077C43F7DBA656A2C	B9F6A934D2BCA53124B98EB5A79AC1C524B43DCD	8232E20CDA344A1552881879D4AD7AD0157C35EDEC0702D1926B80835273C880
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13372809966312300	data	0C2352D956837F48EA0EBB8D72AFB2D2	C61368DE21457A9A61A2633E81CEDB37453252E2	D44E80EFF4897BC40A796C5AC3783DE8A5CD521616EBBC82FA879353B244A22E
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1	B35F740AA7FFEA282E525838EABFE0A6	A67822C17670CCE0BA72D3E9C8DA0CE755A3421A	5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log	data	0CB41727A52303AD2345EFF675D32E6D	2CBC24A259A7F35486DA285B956EDC04DB5A7548	952013E7B685515B3096B2F1D34DBEB8F8D8F8A16B89F325D57A31FE14D7D9E4
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG	ASCII text	234E90209E544C3AC595D443A0B6A476	915EEDC7E13630D28AA9B83422F25BAAB190C5D4	0BAEB74271AA87B0EE08F48E4F88255B27531FFB4647F6883931A71198E69C4B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)	ASCII text	234E90209E544C3AC595D443A0B6A476	915EEDC7E13630D28AA9B83422F25BAAB190C5D4	0BAEB74271AA87B0EE08F48E4F88255B27531FFB4647F6883931A71198E69C4B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1	data	F50F89A0A91564D0B8A211F8921AA7DE	112403A17DD69D5B9018B8CEDE023CB3B54EAB7D	B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1	data	F50F89A0A91564D0B8A211F8921AA7DE	112403A17DD69D5B9018B8CEDE023CB3B54EAB7D	B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG	ASCII text	C1F6D5D3C3F02331C91122CEDEDCDC09	3D3C53FBA779FF2D781F6E0D49CFF31D4AD58068	C17161B8B1B13C9D3F76C4150D9F67601D84626F5C68E09FAD3987589F0774E0
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)	ASCII text	C1F6D5D3C3F02331C91122CEDEDCDC09	3D3C53FBA779FF2D781F6E0D49CFF31D4AD58068	C17161B8B1B13C9D3F76C4150D9F67601D84626F5C68E09FAD3987589F0774E0
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\3516d9ef-abff-471f-abff-d43e22498706.tmp	JSON data	285252A2F6327D41EAB203DC2F402C67	ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6	5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\47fc9adb-abe5-4d63-8117-20be9b9b3f13.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\71c8b8cb-5fd5-44f7-ae8a-ef85358f4e66.tmp	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8aa6e17a-a932-4a3e-8151-8bd7c35b69d1.tmp	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State~RF34632.TMP (copy)	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF1cef3.TMP (copy)	JSON data	D751713988987E9331980363E24189CE	97D170E1550EEE4AFC0AF065B78CDA302A97674C	4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)	JSON data	20D4B8FA017A12A108C87F540836E250	1AC617FAC131262B6D3CE1F52F5907E31D5F6F00	6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens	SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4	DEA619BA33775B1BAEEC7B32110CB3BD	949B8246021D004B2E772742D34B2FC8863E1AAA	3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\feb732d6-849e-436a-9ff2-32d42f6472f0.tmp	JSON data	807419CA9A4734FEAF8D8563A003B048	A723C7D60A65886FFA068711F1E900CCC85922A6	AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log	data	69449520FD9C139C534E2970342C6BD8	230FE369A09DEF748F8CC23AD70FD19ED8D1B885	3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG	ASCII text	1EC7A0FFE6203C025B43CB8FDA8C2A12	655E72C0A08998178B1BA2FF858EFC49F669F5A4	3D54E46CC586DA4A78B2002048CC6D65E0CA64365F4B3AB40B3F33DE342FB038
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)	ASCII text	1EC7A0FFE6203C025B43CB8FDA8C2A12	655E72C0A08998178B1BA2FF858EFC49F669F5A4	3D54E46CC586DA4A78B2002048CC6D65E0CA64365F4B3AB40B3F33DE342FB038
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG	ASCII text	1537E08C5D07B6084640C29DAEAB313C	03C4B127989F4E4FFBAAFE5B3951C5DB467626FA	4CB3E65A31F22AE855804FFBCFB37A985168B4809F8275A7290E17A4A641B441
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)	ASCII text	1537E08C5D07B6084640C29DAEAB313C	03C4B127989F4E4FFBAAFE5B3951C5DB467626FA	4CB3E65A31F22AE855804FFBCFB37A985168B4809F8275A7290E17A4A641B441
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links	data	0BE6DFA165EDA06898414FE14AE530DB	F6C1D52617A050362CC051DAEF53DF3AC2837A29	3A117B7C636D2097F6A867C651533670460B9334F01C30D15D4A41A4D0F8F573
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10	1692A61F52595A6065185B19A178656B	C81B54F951E0A73D827C5A21288E2D36B808D845	8319A00B9DE9318B50214059BE78960589B1C39D12979C48FA1FE14DABAD2FD5
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1	981F351994975A68A0DD3ECE5E889FD0	080D3386290A14A68FCE07709A572AF98097C52D	3F0C0B2460E0AA2A94E0BF79C8944F2F4835D2701249B34A13FD200F7E5316D7
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json	ASCII text, with very long lines (3951), with CRLF line terminators	07301A857C41B5854E6F84CA00B81EA0	7441FC1018508FF4F3DBAA139A21634C08ED979C	2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b832e5e5-ebca-4231-a332-0620a0120378.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c2a63877-c70a-4b11-b880-78fbaabb4e36.tmp	JSON data	5CF8673A722B2FFA5BDD4CFE1BF5A7E3	6E980AAB12B279786B67F8010633ADCA1D173130	675BEAEA9859988265670B0E0B1ED1C64C6BBF692678373593CFBF3CE3F6B91B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c537488b-9f4e-4fb9-b8cc-7de6c0740485.tmp	JSON data	0EB374F7B6675D9729F4DDF4F90C811F	55F68A8FD0C37637F951153ACE2663B936ABF215	EDFE4DB1848D232F33E17B9E3089B341FEBDF9275BD54637776270C19F09357D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ca5554e4-2230-4949-91e6-462ca167e355.tmp	JSON data	6159273327EC5E55FE60E2CE650D53B6	307E4A71BD55B4070DB0BD1477792FF284CC8F59	2B57698B99D27F99509F9104F096FEA7988B5A20A9FEE1A80BC6538DA3E883E1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1	98643AF1CA5C0FE03CE8C687189CE56B	ECADBA79A364D72354C658FD6EA3D5CF938F686B	4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\de717b2c-14b8-430c-bdcb-e4a4d5018eab.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm	data	42B4F3B0D19614DFA145D7EBD1DFDD3E	224C5A286B8535FA3A3C7149EA352D2D89D19B89	6D1BEBAFA8BC81B35502957A5544EFE0A0C79906C7AA6BBA5E84BC349D40FD2A
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal	SQLite Write-Ahead Log, version 3007000	5F35FE92070ACF3B8E04F3E7C301FB37	DE0214707A1DD9F0F009B232EECF2D375CEE7749	D99FBE870FC071612F7C37464FCB354EAD91E59760E3E48D2B9A384A7E3F6BA0
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log	data	1A3906CFD3F39A76186908BBDE9B15E7	0599F16CCED410D8A8F3C71EF15F43F14A7D2903	41E0ABC28BFF4B546478EF1718D22BD5ACFCE334B8131019E0ED542A4ED69071
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG	ASCII text	D38FF4CEEBD1FB0F8B91743D74A4583A	1C94EB21F0C33A5BB14BEF7994D5CA68E3ABE7D5	CE63B44FD1E7AF720A0380C77AA38D034FC060E9959AE03FDF8E7691068A1B9F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)	ASCII text	D38FF4CEEBD1FB0F8B91743D74A4583A	1C94EB21F0C33A5BB14BEF7994D5CA68E3ABE7D5	CE63B44FD1E7AF720A0380C77AA38D034FC060E9959AE03FDF8E7691068A1B9F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log	data	3BE72D8D40752B3A97028FDB2931FABA	A27EA4726857A948F0A4B074062B674469A9A371	3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG	ASCII text	676FF9B5F6F1E422E9B38FC52C63A6AD	CC5E4A1394C3FC94AF98D2DB4169A2F5076E929B	AA987901DFA64F64570FE819653D871B2739B1BACD1F26364FCBB83566597138
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)	ASCII text	676FF9B5F6F1E422E9B38FC52C63A6AD	CC5E4A1394C3FC94AF98D2DB4169A2F5076E929B	AA987901DFA64F64570FE819653D871B2739B1BACD1F26364FCBB83566597138
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data	SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 2, database pages 1, cookie 0, schema 0, largest root page 1, unknown 0 encoding, version-valid-for 2	65A48E8FBD735B933D071B759E346EBA	898DD8045C41518D632E5C207F88844ECE22A660	2BAF08FBFA49E6B1459B9670231F502D7CF8B560180446CC0EA598D78FCAF367
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-journal	SQLite Rollback Journal	E2F804AB0048C46DB3E11437F147EF18	4348A667F5420AF498223277AE9858FEACB3F99D	7DA7211156ADD3018F25689CC31BD9F6A3355075025E67F9E080BFA0671C965B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Functional SAN Data-wal	SQLite Write-Ahead Log, version 3007000	02656BF0F222413B5B13A24AA81E8DA1	3E15B8108C482A5015656CE87BC880BDBA743A83	7C6BE776408F783BA6AE1E8080D94D9CE343A9B222367A9321C5E8920185EE2B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser	data	A397E5983D4A1619E36143B4D804B870	AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4	9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version	ASCII text, with no line terminators	BF16C04B916ACE92DB941EBB1AF3CB18	FA8DAEAE881F91F61EE0EE21BE5156255429AA8A	7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF1bb9a.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF1bd30.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF1e431.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2ce14.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF32636.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35361.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39af9.TMP (copy)	JSON data	8128707F848E7B79D428748E112E62E8	CB41B71F508FDA1B6DC04BF23DA4AB8DB881B288	C3429594F53EB0BCD846505C6C5B6B187BB48EA251DF50541D0760B2C3C739F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history	SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 4	F8EF21D26493A9CCDCC67C57903041B0	4698EBCEDA9BBDBCED60809F8DD4462909D80C21	EEB4D9CE5D926F93404E8BE393D20EDAD935D2303DDC690885CAEC2DD78D2FF7
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings	ASCII text, with no line terminators	48324111147DECC23AC222A361873FC5	0DF8B2267ABBDBD11C422D23338262E3131A4223	D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14	JSON data	BB57A76019EADEDC27F04EB2FB1F1841	8B41A1B995D45B7A74A365B6B1F1F21F72F86760	2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings	ASCII text, with no line terminators	177F4D75F4FEE84EF08C507C3476C0D2	08E17AEB4D4066AC034207420F1F73DD8BE3FAA0	21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1	JSON data	EB75CEFFE37E6DF9C171EE8380439EDA	F00119BA869133D64E4F7F0181161BD47968FA23	48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris	ASCII text, with no line terminators	6A3A60A3F78299444AACAA89710A64B6	2A052BF5CF54F980475085EEF459D94C3CE5EF55	61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468	data	3A05EAEA94307F8C57BAC69C3DF64E59	9B852B902B72B9D5F7B9158E306E1A2C5F6112C8	A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic	ASCII text, with no line terminators	52E2839549E67CE774547C9F07740500	B172E16D7756483DF0CA0A8D4F7640DD5D557201	F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371	data	BE5D1A12C1644421F877787F8E76642D	06C46A95B4BD5E145E015FA7E358A2D1AC52C809	C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982	raw G3 (Group 3) FAX, byte-padded	E9C502DB957CDB977E7F5745B34C32E6	DBD72B0D3F46FA35A9FE2527C25271AEC08E3933	5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache	ASCII text, with no line terminators	B6F7A6B03164D4BF8E3531A5CF721D30	A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA	3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_	JSON data	8EB5E05835AD7476A0DA01A95004518A	681CB680FF03DA3638B0408C01AE17873CA43160	41DD3462BFD8FF9B0821ACFF44021EABE871D29D0B4F940712AF867316B6CADF
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations	JSON data	E9E365607374115B92E4ABE4B9628101	D5054EA9B22317DCA83801EB3586017BFCC0E2A8	5CD2C4D9F13524923046198C92213691539407E04FA520CDAE9EADE1BAD3D91D
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\dbec4cb6-344f-432e-8b35-f75221a9f4d8.tmp	JSON data	9FDE02C0103DBC23CD48FBDDD3250527	916C7F033336D708B5DC41191838196A5C750ADE	FF9926D2B0B583B3BE62EE66149A3ABAD4AB7B2B73E8977315C4CA6B71B943F1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e99debad-500e-458d-9076-0947d5f6e852.tmp	JSON data	C399D0037EBEFEDE52EC3ED80599A675	D14F44BF388325A49432950D2F9CC46FD7CA5F17	24AE7EE6B318CF6F5B48A973F461F0832344FBF23B6F691EAEED4940DA6B82C1
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f689411c-0bb5-4f52-9d8a-d29bc3d3570f.tmp	JSON data	0F67BF28B31C84A51F1AFDD5341659E2	0E739800736F86125D576F1D4921BF7C29EAF658	49E226367CA799B55844A1D5CD57108D483247E85EC0BFED45C87F346BDD860D
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres	data	58B0F65D0F263272F05644C2D6A5388C	5CF2049AEA923B345F005FD1C7C4601A4178F300	431998670BA1CDF9B92D1B4DF39F1EE27E84C5ECF51F29CBDA61031C71026637
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres	data	0F9585A7FD4FD4381BDC0877C0E53769	4FB79786D247309448C9C20E1BF218E1792237DD	90D6B2BC1AAF6E20C2DDED77A093D0FB131FDAF1F9E0AA82288B93BF58697BFB
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres	data	D452FD8FBE63004D4B0A1FFE816871B3	6F34B5266A32168071910938D7625CD815B36F2D	34DAA67CAE35BB67CBC23EDC34D59CACC30927F4B936E2600E7E6E7EF4C0B9CC
C:\Users\user\AppData\Local\Temp\.ses	ASCII text, with CRLF line terminators	11B6EE7DDE6AAAEAB2ED5EDD9B0C1985	15E68049F3B4897267B803C686859DFBAA1C0B33	E3BB056DDCFDA082C708931CD351AF9DC117EF384E2D347B92A18248F79CBE4B
C:\Users\user\AppData\Local\Temp\46b84e1f-644f-41c0-b8f9-5ba9a2aef32c.tmp	JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3	206D7FDD205702CD52FEF631A2C9987E	680B3C5B21E45B4DF7A62888ED4A4E086ACC7B2B	54D5D2EF589DA2F84427F31C5103127211E65886FA5B45FB308378F9EE7E1D5A
C:\Users\user\AppData\Local\Temp\5d395314-5413-4b2b-86a1-56f1aafd7b93.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\75f45a42-6bff-420b-9af2-993a24cfb6ab.tmp	gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41926	8FF595964BFD8A1E26A5A921EBBD54AC	93E71CEFAF91707EF7D45BF97290150DE48FD3E8	F4B8A7749D386D847BBAF5036A4172798AE14C92F40F884FB687CB4DF50A60F8
C:\Users\user\AppData\Local\Temp\b4963bde-9912-4290-93af-fec5c01ce9d9.tmp	very short file (no magic)	5058F1AF8388633F609CADB75A75DC9D	3A52CE780950D4D969792A2559CD519D7EE8C727	CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
C:\Users\user\AppData\Local\Temp\cv_debug.log	JSON data	637E69C4D35FAC6BAC6EA99473A1EC45	35432F49DE48A58D75AEB705FE42F159D8F17B9B	7196FE541E0445DCC835505F91C8582CC941CABE4E187F85034E97F5FFF20D18
C:\Users\user\AppData\Local\Temp\d7725399-ee09-4744-9f15-d80e69ca601b.tmp	Google Chrome extension, version 3	78E47DDA17341BED7BE45DCCFD89AC87	1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F	67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
C:\Users\user\AppData\Local\Temp\e8217381-1723-4001-b9ac-7637b658ba1f.tmp	PNG image data, 342 x 126, 8-bit colormap, non-interlaced	A96BE32BF33CCDC6C0B4137ECB5FD563	2CDDF8A54326A15323660D44FAD9C0DC485C8D12	A6B4FC12406A93652C8856AAA158CE23A3D119B9E6FCFA01ACECB568B0BE001C
C:\Users\user\AppData\Local\Temp\fbde4b75-5c54-43f0-9fa3-751df5604815.tmp	PNG image data, 1356 x 1466, 8-bit/color RGB, non-interlaced	9BBF998CB4F7584B3E4BD1A949FF3B9A	5AD75615BC2C7728AFDD67370976BF90F04BC4D4	2E14598E4A1543A4A8DE203F9245459D553F10AD80C00FC3729E1CA6B466EF97
C:\Users\user\AppData\Local\Temp\fc86dd97-dca4-445d-bd83-cc48e254a869.tmp	Google Chrome extension, version 3	E2D2F826A2253DA9DA88FAEA320734DB	17B24A01C01485399600196B6AA68456F070942F	E59D727AD2F2EA2612506AF5418A2EBF5974F16F7AAA9F7497BC92D75A451624
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\_metadata\verified_contents.json	JSON data	738E757B92939B24CDBBD0EFC2601315	77058CBAFA625AAFBEA867052136C11AD3332143	D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\content.js	Unicode text, UTF-8 text, with very long lines (8031), with no line terminators	3D20584F7F6C8EAC79E17CCA4207FB79	3C16DCC27AE52431C8CDD92FBAAB0341524D3092	0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\content_new.js	Unicode text, UTF-8 text, with very long lines (8604), with no line terminators	3DE1E7D989C232FC1B58F4E32DE15D64	42B152EA7E7F31A964914F344543B8BF14B5F558	D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\CRX_INSTALL\manifest.json	JSON data	E805E9E69FD6ECDCA65136957B1FB3BE	2356F60884130C86A45D4B232A26062C7830E622	5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
C:\Users\user\AppData\Local\Temp\scoped_dir6736_1580147103\d7725399-ee09-4744-9f15-d80e69ca601b.tmp	Google Chrome extension, version 3	78E47DDA17341BED7BE45DCCFD89AC87	1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F	67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\128.png	PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced	913064ADAAA4C4FA2A9D011B66B33183	99EA751AC2597A080706C690612AEEEE43161FC1	AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\af\messages.json	JSON data	12403EBCCE3AE8287A9E823C0256D205	C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037	B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\am\messages.json	JSON data	9721EBCE89EC51EB2BAEB4159E2E4D8C	58979859B28513608626B563138097DC19236F1F	3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ar\messages.json	JSON data	3EC93EA8F8422FDA079F8E5B3F386A73	24640131CCFB21D9BC3373C0661DA02D50350C15	ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\az\messages.json	JSON data	9A798FD298008074E59ECC253E2F2933	1E93DA985E880F3D3350FC94F5CCC498EFC8C813	628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\be\messages.json	JSON data	68884DFDA320B85F9FC5244C2DD00568	FD9C01E03320560CBBB91DC3D1917C96D792A549	DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\bg\messages.json	JSON data	2E6423F38E148AC5A5A041B1D5989CC0	88966FFE39510C06CD9F710DFAC8545672FFDCEB	AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\bn\messages.json	JSON data	651375C6AF22E2BCD228347A45E3C2C9	109AC3A912326171D77869854D7300385F6E628C	1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ca\messages.json	JSON data	D177261FFE5F8AB4B3796D26835F8331	4BE708E2FFE0F018AC183003B74353AD646C1657	D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\cs\messages.json	JSON data	CCB00C63E4814F7C46B06E4A142F2DE9	860936B2A500CE09498B07A457E0CCA6B69C5C23	21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\cy\messages.json	JSON data	A86407C6F20818972B80B9384ACFBBED	D1531CD0701371E95D2A6BB5EDCB79B949D65E7C	A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\da\messages.json	JSON data	B922F7FD0E8CCAC31B411FC26542C5BA	2D25E153983E311E44A3A348B7D97AF9AAD21A30	48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\de\messages.json	JSON data	D116453277CC860D196887CEC6432FFE	0AE00288FDE696795CC62FD36EABC507AB6F4EA4	36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\el\messages.json	JSON data	9ABA4337C670C6349BA38FDDC27C2106	1FC33BE9AB4AD99216629BC89FBB30E7AA42B812	37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en\messages.json	JSON data	07FFBE5F24CA348723FF8C6C488ABFB8	6DC2851E39B2EE38F88CF5C35A90171DBEA5B690	6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en_CA\messages.json	JSON data	07FFBE5F24CA348723FF8C6C488ABFB8	6DC2851E39B2EE38F88CF5C35A90171DBEA5B690	6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en_GB\messages.json	JSON data	3734D498FB377CF5E4E2508B8131C0FA	AA23E39BFE526B5E3379DE04E00EACBA89C55ADE	AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\en_US\messages.json	JSON data	578215FBB8C12CB7E6CD73FBD16EC994	9471D71FA6D82CE1863B74E24237AD4FD9477187	102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\es\messages.json	JSON data	F61916A206AC0E971CDCB63B29E580E3	994B8C985DC1E161655D6E553146FB84D0030619	2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\es_419\messages.json	JSON data	535331F8FB98894877811B14994FEA9D	42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB	90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\et\messages.json	JSON data	64204786E7A7C1ED9C241F1C59B81007	586528E87CD670249A44FB9C54B1796E40CDB794	CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\eu\messages.json	JSON data	29A1DA4ACB4C9D04F080BB101E204E93	2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1	A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fa\messages.json	JSON data	097F3BA8DE41A0AAF436C783DCFE7EF3	986B8CABD794E08C7AD41F0F35C93E4824AC84DF	7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fi\messages.json	JSON data	B38CBD6C2C5BFAA6EE252D573A0B12A1	2E490D5A4942D2455C3E751F96BD9960F93C4B60	2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fil\messages.json	JSON data	FCEA43D62605860FFF41BE26BAD80169	F25C2CE893D65666CC46EA267E3D1AA080A25F5B	F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fr\messages.json	JSON data	A58C0EEBD5DC6BB5D91DAF923BD3A2AA	F169870EEED333363950D0BCD5A46D712231E2AE	0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\fr_CA\messages.json	JSON data	6CAC04BDCC09034981B4AB567B00C296	84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5	4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\gl\messages.json	JSON data	6BAAFEE2F718BEFBC7CD58A04CCC6C92	CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF	0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\gu\messages.json	JSON data	BC7E1D09028B085B74CB4E04D8A90814	E28B2919F000B41B41209E56B7BF3A4448456CFE	FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hi\messages.json	JSON data	98A7FC3E2E05AFFFC1CFE4A029F47476	A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD	D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hr\messages.json	JSON data	25CDFF9D60C5FC4740A48EF9804BF5C7	4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0	73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hu\messages.json	JSON data	8930A51E3ACE3DD897C9E61A2AEA1D02	4108506500C68C054BA03310C49FA5B8EE246EA4	958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\hy\messages.json	JSON data	55DE859AD778E0AA9D950EF505B29DA9	4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2	0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\id\messages.json	JSON data	34D6EE258AF9429465AE6A078C2FB1F5	612CAE151984449A4346A66C0A0DF4235D64D932	E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\is\messages.json	JSON data	CAEB37F451B5B5E9F5EB2E7E7F46E2D7	F917F9EAE268A385A10DB3E19E3CC3ACED56D02E	943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\it\messages.json	JSON data	0D82B734EF045D5FE7AA680B6A12E711	BD04F181E4EE09F02CD53161DCABCEF902423092	F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\iw\messages.json	JSON data	26B1533C0852EE4661EC1A27BD87D6BF	18234E3ABAF702DF9330552780C2F33B83A1188A	BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ja\messages.json	JSON data	15EC1963FC113D4AD6E7E59AE5DE7C0A	4017FC6D8B302335469091B91D063B07C9E12109	34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ka\messages.json	JSON data	83F81D30913DC4344573D7A58BD20D85	5AD0E91EA18045232A8F9DF1627007FE506A70E0	30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\kk\messages.json	JSON data	2D94A58795F7B1E6E43C9656A147AD3C	E377DB505C6924B6BFC9D73DC7C02610062F674E	548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\km\messages.json	JSON data	B3699C20A94776A5C2F90AEF6EB0DAD9	1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA	A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\kn\messages.json	JSON data	38BE0974108FC1CC30F13D8230EE5C40	ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD	30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ko\messages.json	JSON data	F3E59EEEB007144EA26306C20E04C292	83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90	C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\lo\messages.json	JSON data	E20D6C27840B406555E2F5091B118FC5	0DCECC1A58CEB4936E255A64A2830956BFA6EC14	89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\lt\messages.json	JSON data	970544AB4622701FFDF66DC556847652	14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317	5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\lv\messages.json	JSON data	A568A58817375590007D1B8ABCAEBF82	B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597	0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ml\messages.json	JSON data	4717EFE4651F94EFF6ACB6653E868D1A	B8A7703152767FBE1819808876D09D9CC1C44450	22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\mn\messages.json	JSON data	83E7A14B7FC60D4C66BF313C8A2BEF0B	1CCF1D79CDED5D65439266DB58480089CC110B18	613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\mr\messages.json	JSON data	3B98C4ED8874A160C3789FEAD5553CFA	5550D0EC548335293D962AAA96B6443DD8ABB9F6	ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ms\messages.json	JSON data	7D273824B1E22426C033FF5D8D7162B7	EADBE9DBE5519BD60458B3551BDFC36A10049DD1	2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\my\messages.json	JSON data	342335A22F1886B8BC92008597326B24	2CB04F892E430DCD7705C02BF0A8619354515513	243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ne\messages.json	JSON data	B1083DA5EC718D1F2F093BD3D1FB4F37	74B6F050D918448396642765DEF1AD5390AB5282	E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\nl\messages.json	JSON data	32DF72F14BE59A9BC9777113A8B21DE6	2A8D9B9A998453144307DD0B700A76E783062AD0	F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\no\messages.json	JSON data	A1744B0F53CCF889955B95108367F9C8	6A5A6771DFF13DCB4FD425ED839BA100B7123DE0	21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pa\messages.json	JSON data	97F769F51B83D35C260D1F8CFD7990AF	0D59A76564B0AEE31D0A074305905472F740CECA	BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pl\messages.json	JSON data	B8D55E4E3B9619784AECA61BA15C9C0F	B4A9C9885FBEB78635957296FDDD12579FEFA033	E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pt_BR\messages.json	JSON data	608551F7026E6BA8C0CF85D9AC11F8E3	87B017B2D4DA17E322AF6384F82B57B807628617	A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\pt_PT\messages.json	JSON data	0963F2F3641A62A78B02825F6FA3941C	7E6972BEAB3D18E49857079A24FB9336BC4D2D48	E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ro\messages.json	JSON data	BED8332AB788098D276B448EC2B33351	6084124A2B32F386967DA980CBE79DD86742859E	085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ru\messages.json	JSON data	51D34FE303D0C90EE409A2397FCA437D	B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12	BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\si\messages.json	JSON data	B8A4FD612534A171A9A03C1984BB4BDD	F513F7300827FE352E8ECB5BD4BB1729F3A0E22A	54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sk\messages.json	JSON data	8E55817BF7A87052F11FE554A61C52D5	9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455	903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sl\messages.json	JSON data	BFAEFEFF32813DF91C56B71B79EC2AF4	F8EDA2B632610972B581724D6B2F9782AC37377B	AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sr\messages.json	JSON data	7F5F8933D2D078618496C67526A2B066	B7050E3EFA4D39548577CF47CB119FA0E246B7A4	4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sv\messages.json	JSON data	90D8FB448CE9C0B9BA3D07FB8DE6D7EE	D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84	64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\sw\messages.json	JSON data	D0579209686889E079D87C23817EDDD5	C4F99E66A5891973315D7F2BC9C1DAA524CB30DC	0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ta\messages.json	JSON data	DCC0D1725AEAEAAF1690EF8053529601	BB9D31859469760AC93E84B70B57909DCC02EA65	6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\te\messages.json	JSON data	385E65EF723F1C4018EEE6E4E56BC03F	0CEA195638A403FD99BAEF88A360BD746C21DF42	026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\th\messages.json	JSON data	64077E3D186E585A8BEA86FF415AA19D	73A861AC810DABB4CE63AD052E6E1834F8CA0E65	D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\tr\messages.json	JSON data	76B59AAACC7B469792694CF3855D3F4C	7C04A2C1C808FA57057A4CCEEE66855251A3C231	B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\uk\messages.json	JSON data	970963C25C2CEF16BB6F60952E103105	BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA	9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\ur\messages.json	JSON data	8B4DF6A9281333341C939C244DDB7648	382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B	5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\vi\messages.json	JSON data	773A3B9E708D052D6CBAA6D55C8A5438	5617235844595D5C73961A2C0A4AC66D8EA5F90F	597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zh_CN\messages.json	JSON data	3E76788E17E62FB49FB5ED5F4E7A3DCE	6904FFA0D13D45496F126E58C886C35366EFCC11	E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zh_HK\messages.json	JSON data	524E1B2A370D0E71342D05DDE3D3E774	60D1F59714F9E8F90EF34138D33FBFF6DD39E85A	30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zh_TW\messages.json	JSON data	0E60627ACFD18F44D4DF469D8DCE6D30	2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5	F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_locales\zu\messages.json	JSON data	71F916A64F98B6D1B5D1F62D297FDEC1	9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA	EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\_metadata\verified_contents.json	JSON data	3B2ADA9A6C4A36317B9F2FD4DC477286	AAA98236263AF2E89EC656FB77C1CE6109A0C406	D65B75256E92E254A2901FC8B098B085BACDE8C8B4573D62A767685C99CF4E13
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\dasherSettingSchema.json	JSON data	4EC1DF2DA46182103D2FFC3B92D20CA5	FB9D1BA3710CF31A87165317C6EDC110E98994CE	6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\manifest.json	JSON data	82C1E68CE5BC74836539190CC694B1D8	E600E8B60478DA55D39D89EDBA5F60BD6C305EDC	D2E1293ADB0B65ACA5128C17ACC307909DA5472118D15D27114E7606966411CD
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\offscreendocument.html	HTML document, ASCII text	B747B5922A0BC74BBF0A9BC59DF7685F	7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C	B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\offscreendocument_main.js	ASCII text, with very long lines (3700)	67381D084AEE4867CBCC3AF7318D6397	97930142424414C431417E87DB916E74D5F76BCB	DD2AE861331E64CDB52CB96BC907F570F9D092F16665BD4E9B08737642F99667
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\page_embed_script.js	ASCII text, with very long lines (337)	DB5BCE8EA2BD54C070ED20C4A6375334	A34210E996527FF7E0EDD2196928BA315051191E	BB441AA10157F7251798B1CF89A46BDC314A0A78E20B1F30613ED8DA5297D916
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\CRX_INSTALL\service_worker_bin_prod.js	ASCII text, with very long lines (3705)	A9BDEDDFD309A1901CF146424F10C0EE	2859F6D2C6624CDCD60357D1874016B5228DE47A	6D00D7DFF15286E5299ECE90B215B0AA280666EE95E10BE250798E5624C13D4A
C:\Users\user\AppData\Local\Temp\scoped_dir6736_986936595\fc86dd97-dca4-445d-bd83-cc48e254a869.tmp	Google Chrome extension, version 3	E2D2F826A2253DA9DA88FAEA320734DB	17B24A01C01485399600196B6AA68456F070942F	E59D727AD2F2EA2612506AF5418A2EBF5974F16F7AAA9F7497BC92D75A451624

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.4:443 -> 192.168.2.16:49775 version: TLS 1.2

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox View	IP Address: 13.107.246.40 13.107.246.40
Source: Joe Sandbox View	IP Address: 13.107.246.45 13.107.246.45
Source: Joe Sandbox View	IP Address: 23.55.235.170 23.55.235.170

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View

JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4

Uses a known web browser user agent for HTTP communication

Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /crx/blobs/AYA8VywseXPF6DpmaP2KXF4TdJ6uz1pHJdo7SIzf64awZn_DsPwbF0Oii_eW16b6DjZW2yznOTlm_VxQeAWAuOcWr9enBdMY228AFVKEGaLo1DSnWlaxBThs2IAXfaAO1h0AxlKa5Znxy93x0I97CvvQ6KVcNCMVw4_g/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_82_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1728941055&P2=404&P3=2&P4=R8hc62l9nW11j05Lzf5XSYAUmoU5kTTrSdc8QXvyEP5NTjwYcD9hSYUfsADrBXVS9ymJh8advQVEMTIG6mv%2fxg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 8jNmE1QvgV6Bhj3XcU+byLSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: OPTIONS /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveOrigin: https://business.bing.comAccess-Control-Request-Method: POSTAccess-Control-Request-Headers: content-typeUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /api/report?cat=bingbusiness HTTP/1.1Host: bzib.nelreports.netConnection: keep-aliveContent-Length: 938Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /bloomfilterfiles/ExpandedDomainsFilterGlobal.json HTTP/1.1Host: www.bing.comConnection: keep-aliveCookie: ANON=; MUID=;_RwBf=;Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /en-gb/edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 1186APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336342692Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /undersideproactive/api/v1/trigger HTTP/1.1Host: services.bingapis.comConnection: keep-aliveContent-Length: 185Content-Type: application/jsonSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/2e4b955.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/5b15c2a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/24b82ee.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 991APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336344061Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/105d560.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/16d7f8e.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/ec09bb6.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/659e497.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 939APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336346159Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 3592Host: login.live.com
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/287b8b9.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/859decd.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/1c2ab9a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/f99a53a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 1000APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336347385Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4775Host: login.live.com
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/navigate/3 HTTP/1.1Host: nav-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1230Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiY0Q5Umt0bmU1WGVKRGFBSFNmZVlLQT09IiwgImhhc2giOiJoamZFdkVOTGxOaz0ifQ==Content-Type: application/json; charset=utf-8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/6e93679.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 704APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336348547Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4775Host: login.live.com
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/76250cb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4742Host: login.live.com
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/9f3b99e.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 934APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336350222Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/toptraffic/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 746Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiWDA0MUx3NE1UVTRjdTVTRzlsU1lHQT09IiwgImhhc2giOiI1WS9Zazc5VUh5MD0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "170540185939602997400506234197983529371"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /RST2.srf HTTP/1.0Connection: Keep-AliveContent-Type: application/soap+xmlAccept: /User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})Content-Length: 4742Host: login.live.com
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 997APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336350924Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/shopping/v1/item/search?appid=67220BD2169C2EA709984467C21494086DF8CA85&features=persnlcashback&sf=cashback1 HTTP/1.1Host: www.bing.comConnection: keep-aliveContent-Length: 2188Cookie: ANON=; MUID=;_RwBf=;Content-Type: application/jsonSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/dd71a23.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/bloomfilter/x/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1100Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiT05ZL2cyb3B3ajBHTHZHMk9uWUQ3QT09IiwgImhhc2giOiJQbVZaRzFBNUNSQT0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "636976985063396749.rel.v2"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/navigate/3 HTTP/1.1Host: nav-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1584Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiVXRIZ1huYjFiUThWaFVacEIwTUtwZz09IiwgImhhc2giOiJoMm56ZmZLcnJNVT0ifQ==Content-Type: application/json; charset=utf-8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/settings/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1100Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiT05ZL2cyb3B3ajBHTHZHMk9uWUQ3QT09IiwgImhhc2giOiJQbVZaRzFBNUNSQT0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "2.0-0"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/data/bloomfilter/x/3 HTTP/1.1Host: data-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1093Accept: application/octet-stream;application/x-patch-bsdiff;Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiNzZmaEtqQmFrSEhZU2g4VHBQamlSQT09IiwgImhhc2giOiJyVUpqL0xiWlJCWT0ifQ==Content-Type: application/json; charset=utf-8If-None-Match: "638343870221005468"Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/03948fb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/cms/lrs1c69a1j/logos/5a74283229e24d0ca59fb94ed941c3a0.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display.5c8aa5a.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display-semibold.b7bb141.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /welcome/static/favicon.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 854APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336362340Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 760APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336364015Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 815APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336368649Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 705APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336371365Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: POST /api/browser/edge/navigate/3 HTTP/1.1Host: nav-edge.smartscreen.microsoft.comConnection: keep-aliveContent-Length: 1640Authorization: SmartScreenHash eyJhdXRoSWQiOiI0MWE0MzhiYy0xMjQ5LTQzZDMtYTI2ZC02OWNkNjJjMDgzMTciLCAia2V5IjoiMWJUdXdtSCs0a2F3c3JBaExhOGhPQT09IiwgImhhc2giOiJUdFM0RkRhSGRpMD0ifQ==Content-Type: application/json; charset=utf-8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br
Source: global traffic	HTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Host: functional.events.data.microsoft.comConnection: keep-aliveContent-Length: 1116APIKey: 70109aa3567b40e3bb8ac9e67a07b58a-b00e4868-b511-4be4-90dd-6370c812f0af-7167Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.5.131.1Upload-Time: 1728336376051Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, br

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.40
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212
Source: unknown	TCP traffic detected without corresponding DNS query: 52.149.20.212

Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /i0nWQPo.png HTTP/1.1Host: i.imgur.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /crx/blobs/AYA8VywseXPF6DpmaP2KXF4TdJ6uz1pHJdo7SIzf64awZn_DsPwbF0Oii_eW16b6DjZW2yznOTlm_VxQeAWAuOcWr9enBdMY228AFVKEGaLo1DSnWlaxBThs2IAXfaAO1h0AxlKa5Znxy93x0I97CvvQ6KVcNCMVw4_g/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_82_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.47Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=cGWaYPxgZpr+Hyr&MD=aKXoZ2Bh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1728941055&P2=404&P3=2&P4=R8hc62l9nW11j05Lzf5XSYAUmoU5kTTrSdc8QXvyEP5NTjwYcD9hSYUfsADrBXVS9ymJh8advQVEMTIG6mv%2fxg%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 8jNmE1QvgV6Bhj3XcU+byLSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=cGWaYPxgZpr+Hyr&MD=aKXoZ2Bh HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /bloomfilterfiles/ExpandedDomainsFilterGlobal.json HTTP/1.1Host: www.bing.comConnection: keep-aliveCookie: ANON=; MUID=;_RwBf=;Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /fwlink/?linkid=2132659&form=MT004A&OCID=MT004A HTTP/1.1Host: go.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /en-gb/edge/welcome?form=MT00LJ HTTP/1.1Host: www.microsoft.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-full-version: "117.0.2045.47"sec-ch-ua-arch: "x86"sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"sec-ch-ua-bitness: "64"sec-ch-prefers-color-scheme: lightAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/2e4b955.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/5b15c2a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/24b82ee.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/105d560.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/16d7f8e.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/ec09bb6.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/659e497.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/index.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/287b8b9.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/css/859decd.css HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/1c2ab9a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/f99a53a.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/6e93679.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/76250cb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/9f3b99e.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/dd71a23.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/03948fb.js HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/cms/lrs1c69a1j/logos/5a74283229e24d0ca59fb94ed941c3a0.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display.5c8aa5a.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /shared/edgeweb/fonts/segoeui-vf-display-semibold.b7bb141.woff2 HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.microsoft.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://edgestatic.azureedge.net/shared/edgeweb/css/105d560.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /welcome/static/favicon.png HTTP/1.1Host: edgestatic.azureedge.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global traffic	HTTP traffic detected: GET /index.html HTTP/1.1Host: letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8

Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com/&origin=PinningWizard equals www.facebook.com (Facebook)
Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard equals www.youtube.com (Youtube)
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
Source: 000003.log7.3.dr	String found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log7.3.dr	String found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log7.3.dr	String found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.facebook.com/&origin=PinningWizard equals www.facebook.com (Facebook)
Source: Favicons.3.dr	String found in binary or memory: https://edge.microsoft.com/favicon/v1?client=chrome_desktop&nfrp=2&check_seen=true&size=32&min_size=16&max_size=256&fallback_opts=TYPE,SIZE,URL&url=https://www.youtube.com/&origin=PinningWizard equals www.youtube.com (Youtube)
Source: Favicons.3.dr	String found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
Source: Favicons.3.dr	String found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: imgur.com
Source: global traffic	DNS traffic detected: DNS query: bzib.nelreports.net
Source: global traffic	DNS traffic detected: DNS query: i.imgur.com
Source: global traffic	DNS traffic detected: DNS query: clients2.googleusercontent.com
Source: global traffic	DNS traffic detected: DNS query: chrome.cloudflare-dns.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundX-Cache: CONFIG_NOCACHEAccept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-VersionX-MSEdge-Ref: Ref A: 830517F1F485466EB2C072F728EC72BC Ref B: EWR311000104019 Ref C: 2024-10-07T21:25:45ZDate: Mon, 07 Oct 2024 21:25:45 GMTConnection: closeContent-Length: 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:25:47 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx000001c5a9c3590212858-00670451db-7288d13a-defaultAccept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:25:47 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx00000872941ddaea3b8b5-00670451d4-7311adea-defaultAccept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:25:51 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx00000bdd9cafcd3d6f40f-00670451d9-72889e81-defaultAccept-Ranges: bytes
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 07 Oct 2024 21:26:15 GMTContent-Type: application/xmlContent-Length: 280Connection: closex-amz-request-id: tx000006803c47cfea47611-00670451ea-73836779-defaultAccept-Ranges: bytes

Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://bard.google.com/
Source: Reporting and NEL.4.dr	String found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: Web Data.3.dr	String found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: Web Data.3.dr	String found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: manifest.json0.3.dr	String found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json0.3.dr	String found in binary or memory: https://chromewebstore.google.com/
Source: a04585d0-7636-4cd6-9302-8f8bda126ce8.tmp.4.dr, 59bb6c52-a06e-44a8-8c93-d1019159a813.tmp.4.dr	String found in binary or memory: https://clients2.google.com
Source: manifest.json.3.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: a04585d0-7636-4cd6-9302-8f8bda126ce8.tmp.4.dr, 59bb6c52-a06e-44a8-8c93-d1019159a813.tmp.4.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: Reporting and NEL.4.dr	String found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
Source: manifest.json.3.dr	String found in binary or memory: https://docs.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json.3.dr	String found in binary or memory: https://drive.google.com/
Source: Web Data.3.dr	String found in binary or memory: https://duckduckgo.com/ac/?q=
Source: Web Data.3.dr	String found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: Web Data.3.dr	String found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log6.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr, HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
Source: HubApps Icons.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
Source: 000003.log7.3.dr	String found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: Favicons.3.dr	String found in binary or memory: https://edgestatic.azureedge.net/welcome/static/favicon.png
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://excel.new?from=EdgeM365Shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://gaana.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://i.y.qq.com/n2/m/index.html
Source: _Ggerlach_Benefits_and_Commission_2024.svg	String found in binary or memory: https://imgur.com/i0nWQPo.png
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
Source: 000003.log.3.dr	String found in binary or memory: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/
Source: Session_13372809853927186.3.dr	String found in binary or memory: https://letmlcroroflmlcrsftoninbraingetekdkverf-portal-secure-ducsahre.us-lax-1.linodeobjects.com/in
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://m.kugou.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://m.soundcloud.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://m.vk.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://music.amazon.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://music.apple.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://music.yandex.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://open.spotify.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/mail/0/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/mail/0/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://tidal.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://twitter.com/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.3.dr	String found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.3.dr	String found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.3.dr	String found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://vibe.naver.com/today
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.telegram.org/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://web.whatsapp.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://word.new?from=EdgeM365Shoreline
Source: Favicons.3.dr	String found in binary or memory: https://www.aliexpress.com/
Source: Favicons.3.dr	String found in binary or memory: https://www.amazon.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.deezer.com/
Source: content.js.3.dr, content_new.js.3.dr	String found in binary or memory: https://www.google.com/chrome
Source: Web Data.3.dr	String found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.iheart.com/podcast/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.instagram.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.last.fm/
Source: Favicons.3.dr	String found in binary or memory: https://www.live.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.messenger.com
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
Source: Favicons.3.dr	String found in binary or memory: https://www.netflix.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.office.com
Source: Favicons.3.dr	String found in binary or memory: https://www.office.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
Source: Favicons.3.dr	String found in binary or memory: https://www.reddit.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.tiktok.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://www.youtube.com
Source: Favicons.3.dr	String found in binary or memory: https://www.youtube.com/
Source: 6a836405-8601-4916-a65e-6de7bdc4ffad.tmp.3.dr	String found in binary or memory: https://y.music.163.com/m/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49704
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49704 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49732 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49733 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.149.20.212:443 -> 192.168.2.16:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 20.190.159.4:443 -> 192.168.2.16:49775 version: TLS 1.2

Source: classification engine

Classification label: clean1.winSVG@62/256@14/17

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

File created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6704517A-D68.pma

Jump to behavior

Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

File created: C:\Users\user\AppData\Local\Temp\fbde4b75-5c54-43f0-9fa3-751df5604815.tmp

Jump to behavior

Source: unknown	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\Desktop\_Ggerlach_Benefits_and_Commission_2024.svg
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1960,i,12678008410117373553,10809593292764261393,262144 /prefetch:3
Source: unknown	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\Desktop\_Ggerlach_Benefits_and_Commission_2024.svg
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6468 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6416 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6488 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2240 --field-trial-handle=1960,i,12678008410117373553,10809593292764261393,262144 /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:3	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6468 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6416 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6488 --field-trial-handle=2020,i,11273531329556060101,4204945919336292811,262144 /prefetch:8	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: Web Data.3.dr	Binary or memory string: outlook.office365.comVMware20,11696584680t
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - COM.HKVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - GDCDYNVMware20,11696584680p
Source: Web Data.3.dr	Binary or memory string: Canara Change Transaction PasswordVMware20,11696584680^
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - EU WestVMware20,11696584680n
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - HKVMware20,11696584680]
Source: Web Data.3.dr	Binary or memory string: microsoft.visualstudio.comVMware20,11696584680x
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: outlook.office.comVMware20,11696584680s
Source: Web Data.3.dr	Binary or memory string: secure.bankofamerica.comVMware20,11696584680\|UE
Source: Web Data.3.dr	Binary or memory string: Canara Transaction PasswordVMware20,11696584680x
Source: Web Data.3.dr	Binary or memory string: account.microsoft.com/profileVMware20,11696584680u
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - EU East & CentralVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: ms.portal.azure.comVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Canara Transaction PasswordVMware20,11696584680}
Source: Web Data.3.dr	Binary or memory string: bankofamerica.comVMware20,11696584680x
Source: Web Data.3.dr	Binary or memory string: turbotax.intuit.comVMware20,11696584680t
Source: Web Data.3.dr	Binary or memory string: Test URL for global passwords blocklistVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Canara Change Transaction PasswordVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: www.interactivebrokers.co.inVMware20,11696584680~
Source: Web Data.3.dr	Binary or memory string: www.interactivebrokers.comVMware20,11696584680}
Source: Web Data.3.dr	Binary or memory string: AMC password management pageVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: trackpan.utiitsl.comVMware20,11696584680h
Source: Web Data.3.dr	Binary or memory string: interactivebrokers.comVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: Interactive Brokers - NDCDYNVMware20,11696584680z
Source: Web Data.3.dr	Binary or memory string: tasks.office.comVMware20,11696584680o
Source: Web Data.3.dr	Binary or memory string: discord.comVMware20,11696584680f
Source: Web Data.3.dr	Binary or memory string: global block list test formVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: netportal.hdfcbank.comVMware20,11696584680
Source: Web Data.3.dr	Binary or memory string: dev.azure.comVMware20,11696584680j
Source: Web Data.3.dr	Binary or memory string: interactivebrokers.co.inVMware20,11696584680d

ID:	1528466
Product:	CloudBasic
Start time:	23:23:43
Start date:	07.10.2024
Sample:	_Ggerlach_Benefits_and_Commission_2024.svg
Cookbook:	defaultwindowsinteractivecookbook.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS
MD5:	d11f832f7608592a2c282c2a2cd9ffa8
SHA1:	f6f43da139b190094d2b0567b75688cbb0d10682
SHA256:	5000cbc52a5d72f136e77077499e917daa6d3ec9ccf5651104dbd4a7ee1c3c57

Windows Analysis Report
_Ggerlach_Benefits_and_Commission_2024.svg

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report _Ggerlach_Benefits_and_Commission_2024.svg

Overview

General Information

Detection

Signatures

Classification

Signatures

Compliance

Networking

System Summary

Malware Analysis System Evasion

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
_Ggerlach_Benefits_and_Commission_2024.svg