Windows Analysis Report
https://fido-billinginformation.com/

Overview

General Information

Sample URL: https://fido-billinginformation.com/
Analysis ID: 1542560
Tags: urlscan
Infos:

Detection

Score: 1
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Detected non-DNS traffic on DNS port
HTML page contains hidden javascript code
Stores files to the Windows start menu directory

Classification

Source: https://fido-billinginformation.com/ HTTP Parser: Base64 decoded: cre=1729896938&tcid=fido-billinginformation.com671c21ea307296.33983382&task=search&domain=fido-billinginformation.com&a_id=1&session=3OjkjqTEZRy778y42EPx&trackquery=1
Source: https://fido-billinginformation.com/ HTTP Parser: No favicon
Source: https://fido-billinginformation.com/caf/?ses=Y3JlPTE3Mjk4OTY5MzgmdGNpZD1maWRvLWJpbGxpbmdpbmZvcm1hdGlvbi5jb202NzFjMjFlYTMwNzI5Ni4zMzk4MzM4MiZ0YXNrPXNlYXJjaCZkb21haW49Zmlkby1iaWxsaW5naW5mb3JtYXRpb24uY29tJmFfaWQ9MyZzZXNzaW9uPTNPamtqcVRFWlJ5Nzc4eTQyRVB4&query=Medicare+Insurance+Plans&afdToken=ChMI7ZuBptCqiQMVZvICBx2WEQnvEmYBlLqpj1aEctUyTp1b0QSMQbPWLNDzb50b3D9mTtw3ycQRcnAO8AgxiQ0eJoVB6E1MbJlu7VItXNIAgnPwdyEPBgFsB-k-OKViP3Hmny8s3XbMO9hta0mo97B7Z6rjvKOc7gEMh1I&pcsa=false&nb=0&nm=5&nx=159&ny=79&is=341x1057&clkt=1 HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49724 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.8:56259 version: TLS 1.2
Source: global traffic TCP traffic: 192.168.2.8:56187 -> 1.1.1.1:53
Source: global traffic HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic DNS traffic detected: DNS query: fido-billinginformation.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: img.sedoparking.com
Source: global traffic DNS traffic detected: DNS query: syndicatedsearch.goog
Source: global traffic DNS traffic detected: DNS query: afs.googleusercontent.com
Source: global traffic DNS traffic detected: DNS query: www.medicare.gov
Source: global traffic DNS traffic detected: DNS query: gov-bam.nr-data.net
Source: unknown HTTP traffic detected: POST /search/cc.php?l=ogcnfgrwAIGKvsJJkJgt7c6pNbzI6Y4jemGOFYoyebvkSiJIJ1LrEnKgRag5Ze2Dxieb-KCFLzUBiHmSorRN9i_J-mSG0WMQXYx_7kURH3y_BEl2Skjt6AfsM8ABEkyW1r1KHisrAW4pAR2Gl6KHdKN5sypLb-mL6NAOxHUzYPpRks3JJeg4S9n80tHmeAormGSBnC6wPY-jgovarz9FTvEFb3Oqc9d8Q2_kjrvwcADrkX-p-mDLDXEnMSWS5uOjIy2qbnHXJkU4KPlnAeRku2vnSnyYc483T30UXwnSkqDz6dTn8K7wam63ykX6To5tl3Fs9IDYl3FAN3T9oHob5ay-v17-D1977FjjdKUT8_ZoiS0DNz4qoyvuj99HwNIIe1DdRVnOZ0F4jX09nQjklN8uScb0lHdttpxyIxUkkrHfbFge1uTdwRE46kpkKKctYC6YmaIE3avQirKDoOHWlrMPO_74-1uBY15oPk-4ZgFUZFK99SzZ1oqzOkfflH7LthMU9kg-bCF6BP931sk6zaPq1Cvluw9l7Ex0JqX-TqYqerQi8EeyQBmH5byny63VP2T4J1-aEYCjZx9eiUeH3ofrdfIneuZ2u-lYY3_grIb0xH8xqcj3NDwvCHwUojP1t4XyxnJzZ8k5435LA&v=MzI4NjU3Mjg0NjAxZDJhZGI0MjliMGI2ZDAyZTFmMGEJMQlmaWRvLWJpbGxpbmdpbmZvcm1hdGlvbi5jb202NzFjMjFlYTMwNzI5Ni4zMzk4MzM4MglmaWRvLWJpbGxpbmdpbmZvcm1hdGlvbi5jb202NzFjMjFmZmM4YmQxMS45MTE3NDE0MwkxNzI5ODk2OTU5CTA%3D&nc=61344951729896979727 HTTP/1.1Host: fido-billinginformation.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://syndicatedsearch.googSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://syndicatedsearch.goog/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_228.2.dr String found in binary or memory: http://opensource.org/licenses/MIT
Source: chromecache_176.2.dr String found in binary or memory: https://adssettings.google.com/whythisad?source=afs_3p&reasons=AbDGNSEX6j1lmziprIxq1sq8mdSbZUcua
Source: chromecache_176.2.dr String found in binary or memory: https://adssettings.google.com/whythisad?source=afs_3p&reasons=AbDGNSH5VyGSNuAhy8TVpItU5HRONmYkj
Source: chromecache_228.2.dr String found in binary or memory: https://daneden.github.io/animate.css/
Source: chromecache_188.2.dr, chromecache_233.2.dr, chromecache_203.2.dr, chromecache_193.2.dr String found in binary or memory: https://fonts.googleapis.com/css?family=
Source: chromecache_216.2.dr, chromecache_178.2.dr String found in binary or memory: https://p11.techlab-cdn.com
Source: chromecache_188.2.dr, chromecache_233.2.dr, chromecache_203.2.dr, chromecache_193.2.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_188.2.dr, chromecache_233.2.dr, chromecache_203.2.dr, chromecache_193.2.dr String found in binary or memory: https://partner.googleadservices.com/gampad/cookie.js
Source: chromecache_188.2.dr, chromecache_233.2.dr, chromecache_203.2.dr, chromecache_193.2.dr String found in binary or memory: https://syndicatedsearch.goog
Source: chromecache_176.2.dr String found in binary or memory: https://syndicatedsearch.goog/
Source: chromecache_188.2.dr, chromecache_233.2.dr, chromecache_203.2.dr, chromecache_193.2.dr String found in binary or memory: https://www.google.com/pagead/1p-conversion/16521530460/?gad_source=1&adview_type=5
Source: chromecache_176.2.dr String found in binary or memory: https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwj48YCv0KqJAxVil4MHHSA-MMgYABAAGgJlZg
Source: chromecache_176.2.dr String found in binary or memory: https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwj48YCv0KqJAxVil4MHHSA-MMgYABABGgJlZg
Source: chromecache_176.2.dr String found in binary or memory: https://www.googleadservices.com/pagead/aclk?sa=L&ai=DChcSEwj48YCv0KqJAxVil4MHHSA-MMgYABACGgJlZg
Source: chromecache_188.2.dr, chromecache_233.2.dr, chromecache_203.2.dr, chromecache_193.2.dr String found in binary or memory: https://www.googleadservices.com/pagead/conversion/16521530460/?gad_source=1&adview_type=3
Source: chromecache_182.2.dr String found in binary or memory: https://www.medicare.gov/static/5877e3fcf633354994b8f762fa69d172d6750013ed7077
Source: chromecache_176.2.dr String found in binary or memory: https://www.medishare.com/
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49717 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.8:49724 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.8:56259 version: TLS 1.2
Source: classification engine Classification label: clean1.win@24/113@34/13
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1968,i,16627719936755479855,5633795185747803734,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://fido-billinginformation.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk