Windows Analysis Report
https://www.provideportal.com

Overview

General Information

Sample URL: https://www.provideportal.com
Analysis ID: 1592065
Infos:

Detection

Score: 3
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Form action URLs do not match main URL
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML title does not match URL
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic

Classification

Form action URLs do not match main URL
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: Form action: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?client_id=10fa57ef-4895-4ab2-872c-8c3613d4f7fb&redirect_uri=https%3A%2F%2Fwww.microsoft.com%2Fcascadeauth%2Faccount%2Fsignin-oidc&response_type=code&prompt=none&scope=openid%20profile%20offline_access&code_challenge=PqbMvmFR33eZcYl060Rc3CzZoSd9AYHCYSzYXiYqioM&code_challenge_method=S256&response_mode=form_post&nonce=638725578105348598.ZDlkMTgwNDktMTM1ZS00MWYyLWJhNWUtZDMzNmY1N2YyM2VlODgxNTc4OGYtOGNjNi00M2ZjLTlmM2EtM2M1NzFlYjdjMjRm&client_info=1&x-client-brkrver=IDWeb.3.2.0.0&msafed=0&claims=%7B%22compact%22%3A%7B%22name%22%3A%7B%22essential%22%3Atrue%7D%7D%7D&state=CfDJ8P_pstto1o1NgBRsh8q_VvhVuFa7OjF2_Ge7gbFNu1XSBhvMZC3SdH7MW2zx8IGyBFMASxexHUqo5qEQkHDAZfz-l1hIHdITWiC7AKHEFd78mT9cKwS2IrNIb71h-zOoirjk4HtAymw3eFq9QNOq4d_JRq-VPuQmDDNjPMojq7zspMftx5xUJsC2dCoimH2VcJraXjcD1BqxVevhS6sroW3TWBUCqbIX3SEmwhVddyYaxeQAaMOY_AVxHpfVvGgDBlJmzva_s7B9vVMwwc_G3leHZ-ApF_9Zr0KW_VgHtNpE1kcZVRNy36pqEiHRSBp-B7q87GYde5PX3rEVARtKT8sKw1bcF383Cwre4t2vPWuyCHHV1NaOe9dwp4d7t6XuhXQ32yycKCqerVk9eH3C6r6HOTpUY9bRAZpp_ua3KuLM1mOP-svIaWeWYg4Tumkqwwx11gzNgnnhypCFZeMJ0Y4QvR_6vzbXfQU536VBJIJIX7snengGdZtlLP089OgJMQ&x-client-SKU=ID_NET6_0&x-client-ver=8.1.0.0&sso_reload=true microsoft microsoftonline
HTML body contains low number of good links
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: Number of links: 0
HTML page contains hidden javascript code
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: Base64 decoded: d9d18049-135e-41f2-ba5e-d336f57f23ee8815788f-8cc6-43fc-9f3a-3c571eb7c24f
HTML title does not match URL
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: Title: Redirecting does not match URL
Source: https://www.provideportal.com/ HTTP Parser: No favicon
Source: https://www.iis.net/?utm_medium=iis-deployment HTTP Parser: No favicon
Source: https://www.iis.net/?utm_medium=iis-deployment HTTP Parser: No favicon
Source: https://www.iis.net/?utm_medium=iis-deployment HTTP Parser: No favicon
Source: https://www.iis.net/?utm_medium=iis-deployment HTTP Parser: No favicon
Source: https://www.iis.net/?utm_medium=iis-deployment HTTP Parser: No favicon
Source: https://www.iis.net/?utm_medium=iis-deployment HTTP Parser: No favicon
Source: https://www.iis.net/overview HTTP Parser: No favicon
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No favicon
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No favicon
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No favicon
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No favicon
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No <meta name="author".. found
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No <meta name="author".. found
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No <meta name="copyright".. found
Source: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 HTTP Parser: No <meta name="copyright".. found
Suricata IDS alerts with low severity for network traffic
Source: Network traffic Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.8:49998 -> 87.248.119.251:443
Source: Network traffic Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.8:49981 -> 87.248.119.251:443
Source: Network traffic Suricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.8:49946 -> 104.244.42.131:443
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown TCP traffic detected without corresponding DNS query: 23.206.229.226
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET / HTTP/1.1Host: www.provideportal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /iis-85.png HTTP/1.1Host: www.provideportal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.provideportal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.provideportal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.provideportal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /iis-85.png HTTP/1.1Host: www.provideportal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /?utm_medium=iis-deployment HTTP/1.1Host: www.iis.netConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mscc/lib/v2/wcp-consent.js HTTP/1.1Host: consentdeliveryfd.azurefd.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /Content/downloads.css HTTP/1.1Host: www.iis.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.iis.net/?utm_medium=iis-deploymentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scripts/c/ms.analytics-web-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /Content/home.css HTTP/1.1Host: www.iis.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.iis.net/?utm_medium=iis-deploymentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /mscc/lib/v2/wcp-consent.js HTTP/1.1Host: consentdeliveryfd.azurefd.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /scripts/c/ms.analytics-web-3.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/668682/0/vh?z=effectus&dim=668296&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/680043/0/vh?z=effectus&dim=668296&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/680044/0/vh?z=effectus&dim=668296&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/668290/0/vh?z=effectus&dim=668283&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/674040/0/vh?z=effectus&dim=602457&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/674039/0/vh?z=effectus&dim=602464&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/668682/0/vh?ajecscp=1736960973381&z=effectus&dim=668296&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/680043/0/vh?ajecscp=1736960981415&z=effectus&dim=668296&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/680044/0/vh?ajecscp=1736960973463&z=effectus&dim=668296&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/668290/0/vh?ajecscp=1736960973465&z=effectus&dim=668283&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/674040/0/vh?ajecscp=1736960981499&z=effectus&dim=602457&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/674039/0/vh?ajecscp=1736960981509&z=effectus&dim=602464&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/60/602447/1640645301370_EMG_320x55_system_default_placeholder.jpg HTTP/1.1Host: img.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://effectus.nui.media/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/66/668282/1631935228275_Microsoft_Home_Page_Promo_610x48_MSDN1_May14.png HTTP/1.1Host: img.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://effectus.nui.media/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/66/668282/1645517934677_Microsoft_728_House_Apr13_-_IE_Dev_3mofree.jpg HTTP/1.1Host: img.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://effectus.nui.media/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/66/668282/1645502907854_Microsoft_ASP_300_House_Community_Promo_Jan18_-_video_callout.png HTTP/1.1Host: img.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://effectus.nui.media/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/60/602447/1640645301370_EMG_320x55_system_default_placeholder.jpg HTTP/1.1Host: img.nui.mediaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/66/668282/1631935228275_Microsoft_Home_Page_Promo_610x48_MSDN1_May14.png HTTP/1.1Host: img.nui.mediaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/66/668282/1645502907854_Microsoft_ASP_300_House_Community_Promo_Jan18_-_video_callout.png HTTP/1.1Host: img.nui.mediaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.iis.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.iis.net/?utm_medium=iis-deploymentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MicrosoftApplicationsTelemetryDeviceId=a261ba66-575d-49c0-9b85-dbcca8500f0b; ai_session=UyaPBkMvVTNqK5MXmHUW44|1736960971402|1736960971402; MSCC=NR; MSFPC=GUID=423e5dd305214ac189f23ad679aad16c&HASH=423e&LV=202501&V=4&LU=1736960974761
Source: global traffic HTTP traffic detected: GET /banners/media/60/602446/66/668282/1645517934677_Microsoft_728_House_Apr13_-_IE_Dev_3mofree.jpg HTTP/1.1Host: img.nui.mediaConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.iis.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MicrosoftApplicationsTelemetryDeviceId=a261ba66-575d-49c0-9b85-dbcca8500f0b; ai_session=UyaPBkMvVTNqK5MXmHUW44|1736960971402|1736960971402; MSCC=NR; MSFPC=GUID=423e5dd305214ac189f23ad679aad16c&HASH=423e&LV=202501&V=4&LU=1736960974761
Source: global traffic HTTP traffic detected: GET /overview HTTP/1.1Host: www.iis.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://www.iis.net/?utm_medium=iis-deploymentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MicrosoftApplicationsTelemetryDeviceId=a261ba66-575d-49c0-9b85-dbcca8500f0b; ai_session=UyaPBkMvVTNqK5MXmHUW44|1736960971402|1736960971402; MSCC=NR; MSFPC=GUID=423e5dd305214ac189f23ad679aad16c&HASH=423e&LV=202501&V=4&LU=1736960974761
Source: global traffic HTTP traffic detected: GET /Content/overview.css HTTP/1.1Host: www.iis.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.iis.net/overviewAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: MicrosoftApplicationsTelemetryDeviceId=a261ba66-575d-49c0-9b85-dbcca8500f0b; ai_session=UyaPBkMvVTNqK5MXmHUW44|1736960971402|1736960971402; MSCC=NR; MSFPC=GUID=423e5dd305214ac189f23ad679aad16c&HASH=423e&LV=202501&V=4&LU=1736960974761
Source: global traffic HTTP traffic detected: GET /pipeline/674039/0/vh?z=effectus&dim=602464&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pipeline/674039/0/vh?ajecscp=1736960988813&z=effectus&dim=602464&kw=&click= HTTP/1.1Host: effectus.nui.mediaConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://www.iis.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1736961013086 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: mscom.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=50517421273681541960337102840294535041&ts=1736961014416 HTTP/1.1Host: msftenterprise.sc.omtrdc.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&ts=1736961013086 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014
Source: global traffic HTTP traffic detected: GET /365868.gif?partner_uid=50978924135514289550290939227909392014 HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&d_mid=50517421273681541960337102840294535041&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=MSFPC%01423e5dd305214ac189f23ad679aad16c%012&d_cid_ic=MC1%01423e5dd305214ac189f23ad679aad16c%012&ts=1736961015488 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://www.microsoft.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=50517421273681541960337102840294535041&ts=1736961014416 HTTP/1.1Host: msftenterprise.sc.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z4fr_AAAANdrqAOV HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dextp=358-1-1736961015522
Source: global traffic HTTP traffic detected: GET /getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTA5Nzg5MjQxMzU1MTQyODk1NTAyOTA5MzkyMjc5MDkzOTIwMTQ= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIlKHLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /i/adsct?p_user_id=50978924135514289550290939227909392014&p_id=38594 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /1000.gif?memo=CKyqFhIxCi0IARCYEhomNTA5Nzg5MjQxMzU1MTQyODk1NTAyOTA5MzkyMjc5MDkzOTIwMTQQABoNCPjXn7wGEgUI6AcQAEIASgA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=21AvXYM4lB2iVSZL7lVlHx3ZrhKolkVlpi3GYirPny8=; pxrc=CAA=
Source: global traffic HTTP traffic detected: GET /track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EA76ADE95776D2EC7F000101%40AdobeOrg&d_nsid=0&d_mid=50517421273681541960337102840294535041&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=MSFPC%01423e5dd305214ac189f23ad679aad16c%012&d_cid_ic=MC1%01423e5dd305214ac189f23ad679aad16c%012&ts=1736961015488 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287
Source: global traffic HTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z4fr_AAAANdrqAOV HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405; dpm=50978924135514289550290939227909392014
Source: global traffic HTTP traffic detected: GET /pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.quantserve.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=oVsEa2XDpUXpg2TVCj0HLpv2lZ3p9Gsws46ZbeNbvIqxt1qy_xHnRDUN2db5Sl8ybGeV4PxMZKpt32R4umHEBOssoqxHap368SpVNfPl3-Y.; receive-cookie-deprecation=1; uuid2=557779979202385751
Source: global traffic HTTP traffic detected: GET /i/adsct?p_user_id=50978924135514289550290939227909392014&p_id=38594 HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_xxy6XiM66VAxnSyHbXPi0Q=="
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTA5Nzg5MjQxMzU1MTQyODk1NTAyOTA5MzkyMjc5MDkzOTIwMTQ=&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIlKHLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic HTTP traffic detected: GET /ibs:dpid=992&dpuuid=hgducloh90vo HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624
Source: global traffic HTTP traffic detected: GET /track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.microsoft.com&ttd_tpi=1 HTTP/1.1Host: match.adsrvr.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: TDID=8cc88479-cd79-40aa-ab5a-df68bc6cc912; TDCPM=CAEYBSgCMgsIkKLT88bk2j0QBTgB
Source: global traffic HTTP traffic detected: GET /ibs:dpid=477&dpuuid=5f05fd322f209d931697992260c1b26ea953cb36f8c4e2819f426fba14a8493db0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848
Source: global traffic HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Z4fr_AAAANdrqAOV HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180
Source: global traffic HTTP traffic detected: GET /ibs:dpid=1175&gdpr=0&dpuuid=iNxrMduJNT-TjWFliI5-ZY_bNTWT0jFgjd2YaUP9 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292
Source: global traffic HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=0B0218E9E59A662813BC0D9CE48367BE HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401
Source: global traffic HTTP traffic detected: GET /ibs:dpid=903&dpuuid=8cc88479-cd79-40aa-ab5a-df68bc6cc912 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514
Source: global traffic HTTP traffic detected: GET /ibs:dpid=358&dpuuid=557779979202385751 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514
Source: global traffic HTTP traffic detected: GET /ibs:dpid=992&dpuuid=hgducloh90vo HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514
Source: global traffic HTTP traffic detected: GET /i.match?p=b13&u=50978924135514289550290939227909392014&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP/1.1Host: a.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESED2vXeed_dW9ZQPHbePcsFU&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514
Source: global traffic HTTP traffic detected: GET /ibs:dpid=477&dpuuid=5f05fd322f209d931697992260c1b26ea953cb36f8c4e2819f426fba14a8493db0da87c991749652 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Z4fr_AAAANdrqAOV HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /cms?partner_id=ADOBE&_hosted_id=50978924135514289550290939227909392014&gdpr=0&gdpr_consent= HTTP/1.1Host: cms.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=1175&gdpr=0&dpuuid=iNxrMduJNT-TjWFliI5-ZY_bNTWT0jFgjd2YaUP9 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /z/i.match?p=b13&u=50978924135514289550290939227909392014&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP/1.1Host: s.tribalfusion.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: ANON_ID=aEnoeURZdySrAIUMt0Va3sqcce7yd9rmGCNl7MofB
Source: global traffic HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=0B0218E9E59A662813BC0D9CE48367BE HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /ibs:dpid=903&dpuuid=8cc88479-cd79-40aa-ab5a-df68bc6cc912 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /dmp/adobe/user?dd_uuid=50978924135514289550290939227909392014 HTTP/1.1Host: bttrack.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=358&dpuuid=557779979202385751 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /ibs:dpid=3047&dpuuid=6224729AEA8D7B&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP/1.1Host: dmpsync.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESED2vXeed_dW9ZQPHbePcsFU&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848
Source: global traffic HTTP traffic detected: GET /ibs:dpid=57282&dpuuid=7133125C26D755CE9CE10C15315FD892 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877
Source: global traffic HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=50978924135514289550290939227909392014&gdpr=0&gdpr_consent= HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=22054 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877
Source: global traffic HTTP traffic detected: GET /ibs:dpid=49276&dpuuid=71cff8b2-da0f-422c-9218-fa6c92643fed HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877
Source: global traffic HTTP traffic detected: GET /ibs:dpid=3047&dpuuid=6224729AEA8D7B&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877
Source: global traffic HTTP traffic detected: GET /getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1Host: dmpsync.3lift.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: tluidp=4052167820564766812840; tluid=4052167820564766812840
Source: global traffic HTTP traffic detected: GET /CookieSyncAdobe HTTP/1.1Host: rtb.adentifi.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /dv/sync?tid=6 HTTP/1.1Host: ag.innovid.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=57282&dpuuid=7133125C26D755CE9CE10C15315FD892 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /ups/58782/cms?partner_id=ADOBE&_hosted_id=50978924135514289550290939227909392014&gdpr=0&gdpr_consent=&uid=50978924135514289550290939227909392014&verify=true HTTP/1.1Host: ups.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBPzrh2cCEFUvq8otFsMJwnJ65xeWg_wFEgEBAQE9iWeRZ9xH0iMA_eMAAA&S=AQAAAp1ZcA9VF0PFBtRJ-41RhPs
Source: global traffic HTTP traffic detected: GET /ibs:dpid=22054 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /ibs:dpid=49276&dpuuid=71cff8b2-da0f-422c-9218-fa6c92643fed HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /ibs:dpid=53196&dpuuid=Q7902474191694123078 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=50978924135514289550290939227909392014?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP/1.1Host: sync.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=72352&dpuuid=4052167820564766812840&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /ibs:dpid=80742&dpuuid=3d24fba3-f958-42b7-95bf-8065ef515c8c HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Z4fr_AAAANdrqAOV HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WjRmcl9BQUFBTmRycUFPVg== HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUk-eUEVhEs9BSWts0DNYn9OUioJIzyX44eYzzkup1CkX64tnPgZSeTvbliL2L8
Source: global traffic HTTP traffic detected: GET /map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=50978924135514289550290939227909392014?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP/1.1Host: sync.crwdcntrl.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _cc_cc=ctst
Source: global traffic HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-1NH5hrhE2pFzO6e5Y1Fj_XVZwSVsHWUlNXc-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881
Source: global traffic HTTP traffic detected: GET /ibs:dpid=53196&dpuuid=Q7902474191694123078 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881
Source: global traffic HTTP traffic detected: GET /ibs:dpid=72352&dpuuid=4052167820564766812840&gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881
Source: global traffic HTTP traffic detected: GET /ibs:dpid=80742&dpuuid=3d24fba3-f958-42b7-95bf-8065ef515c8c HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881
Source: global traffic HTTP traffic detected: GET /rum?cm_dsp_id=88&external_user_id=Z4fr_AAAANdrqAOV HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=782&dpuuid=Z4fr_AAAANdrqAOV HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881
Source: global traffic HTTP traffic detected: GET /pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WjRmcl9BQUFBTmRycUFPVg== HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIW2yQEIorbJAQipncoBCOj/ygEIlKHLAQiFoM0BCLnKzQEIitPNARjBy8wBGMXYzQEY642lFw==Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUk-eUEVhEs9BSWts0DNYn9OUioJIzyX44eYzzkup1CkX64tnPgZSeTvbliL2L8
Source: global traffic HTTP traffic detected: GET /ibs:dpid=30646?dpuuid=y-1NH5hrhE2pFzO6e5Y1Fj_XVZwSVsHWUlNXc-~A HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881|144233-1-1736961021881
Source: global traffic HTTP traffic detected: GET /ibs:dpid=121998&dpuuid=510fc394a7d793d82155ff9092eb96da HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881|144233-1-1736961021881
Source: global traffic HTTP traffic detected: GET /rum?cm_dsp_id=88&external_user_id=Z4fr_AAAANdrqAOV&C=1 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMID=Z4fr-9HM6GsAACV9A2-L9AAA; CMPS=555; CMPRO=555
Source: global traffic HTTP traffic detected: GET /setuid?entity=158&code=Z4fr_AAAANdrqAOV HTTP/1.1Host: ib.adnxs.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: XANDR_PANID=oVsEa2XDpUXpg2TVCj0HLpv2lZ3p9Gsws46ZbeNbvIqxt1qy_xHnRDUN2db5Sl8ybGeV4PxMZKpt32R4umHEBOssoqxHap368SpVNfPl3-Y.; receive-cookie-deprecation=1; uuid2=557779979202385751
Source: global traffic HTTP traffic detected: GET /ibs:dpid=121998&dpuuid=510fc394a7d793d82155ff9092eb96da HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881|144233-1-1736961021881|144234-1-1736961022875
Source: global traffic HTTP traffic detected: GET /rum?cm_dsp_id=88&external_user_id=Z4fr_AAAANdrqAOV&C=1 HTTP/1.1Host: dsum-sec.casalemedia.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMID=Z4fr-9HM6GsAACV9A2-L9AAA; CMPS=555; CMPRO=555
Source: global traffic HTTP traffic detected: GET /w/1.0/sd?id=537148856&val=Z4fr_AAAANdrqAOV HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /setuid?entity=158&code=Z4fr_AAAANdrqAOV HTTP/1.1Host: ib.adnxs.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: uuid2=557779979202385751; anj=dTM7k!M4.FErk#WF']wIg2Hb6DO0n_!@wnfH)iR8PMp-v=0HE(]]R%@$qMW]%9F+d#@+4'msuj[(EWos>fIzzInsuyVm6h5`vHT9*eETX+*LM)lEQn?
Source: global traffic HTTP traffic detected: GET /w/1.0/sd?cc=1&id=537148856&val=Z4fr_AAAANdrqAOV HTTP/1.1Host: us-u.openx.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=054abc1b-aedf-4ef4-844d-19e7c8cba432|1736961024
Source: global traffic HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Z4fr_AAAANdrqAOV HTTP/1.1Host: image2.pubmatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /w/1.0/sd?cc=1&id=537148856&val=Z4fr_AAAANdrqAOV HTTP/1.1Host: us-u.openx.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: i=054abc1b-aedf-4ef4-844d-19e7c8cba432|1736961024
Source: global traffic HTTP traffic detected: GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Z4fr_AAAANdrqAOV HTTP/1.1Host: image2.pubmatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: KRTBCOOKIE_218=22978-Z4fr_AAAANdrqAOV&KRTB&23194-Z4fr_AAAANdrqAOV&KRTB&23209-Z4fr_AAAANdrqAOV&KRTB&23244-Z4fr_AAAANdrqAOV; PugT=1736961023
Source: global traffic HTTP traffic detected: GET /fr/b.php?p=1531105787105294&e=Z4fr_AAAANdrqAOV&t=2592000&o=0 HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sg/adobe/1/cm?gdpr=0&gdpr_consent= HTTP/1.1Host: trc.taboola.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /fr/b.php?p=1531105787105294&e=Z4fr_AAAANdrqAOV&t=2592000&o=0 HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /sync?nid=adobe HTTP/1.1Host: sync.srv.stackadapt.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /ibs:dpid=390122&dpuuid=lrhR-Xu2Vn5xeulD3h3wrAgue70 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://mscom.demdex.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881|144233-1-1736961021881|144234-1-1736961022875|144235-1-1736961023885|144236-1-1736961024902|144237-1-1736961025875|147592-1-1736961026880|390122-1-1736961027872
Source: global traffic HTTP traffic detected: GET /ibs:dpid=390122&dpuuid=lrhR-Xu2Vn5xeulD3h3wrAgue70 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=50978924135514289550290939227909392014; dpm=50978924135514289550290939227909392014; dextp=358-1-1736961015522|477-1-1736961015631|771-1-1736961015742|782-1-1736961015853|992-1-1736961015963|1123-1-1736961016074|903-1-1736961016178|1175-1-1736961016287|1957-1-1736961016405|3047-1-1736961016514|22054-1-1736961016624|30646-1-1736961016739|53196-1-1736961016848|38117-1-1736961016960|57282-1-1736961017070|49276-1-1736961017180|72352-1-1736961017292|80742-1-1736961017401|81309-1-1736961017514|121998-1-1736961017620|144228-1-1736961017733|144229-1-1736961017848|144230-1-1736961018877|144231-1-1736961019875|144232-1-1736961020881|144233-1-1736961021881|144234-1-1736961022875|144235-1-1736961023885|144236-1-1736961024902|144237-1-1736961025875|147592-1-1736961026880|390122-1-1736961027872
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: <li><a href="https://www.twitter.com/inetsrv/" class="twitter">Twitter</a></li> equals www.twitter.com (Twitter)
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: www.provideportal.com
Source: global traffic DNS traffic detected: DNS query: www.iis.net
Source: global traffic DNS traffic detected: DNS query: consentdeliveryfd.azurefd.net
Source: global traffic DNS traffic detected: DNS query: js.monitor.azure.com
Source: global traffic DNS traffic detected: DNS query: iis-umbraco.azurewebsites.net
Source: global traffic DNS traffic detected: DNS query: effectus.nui.media
Source: global traffic DNS traffic detected: DNS query: img.nui.media
Source: global traffic DNS traffic detected: DNS query: play.vidyard.com
Source: global traffic DNS traffic detected: DNS query: assets.adobedtm.com
Source: global traffic DNS traffic detected: DNS query: login.microsoftonline.com
Source: global traffic DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic DNS traffic detected: DNS query: mscom.demdex.net
Source: global traffic DNS traffic detected: DNS query: msftenterprise.sc.omtrdc.net
Source: global traffic DNS traffic detected: DNS query: cm.everesttech.net
Source: global traffic DNS traffic detected: DNS query: ib.adnxs.com
Source: global traffic DNS traffic detected: DNS query: idsync.rlcdn.com
Source: global traffic DNS traffic detected: DNS query: cm.g.doubleclick.net
Source: global traffic DNS traffic detected: DNS query: rtd.tubemogul.com
Source: global traffic DNS traffic detected: DNS query: idpix.media6degrees.com
Source: global traffic DNS traffic detected: DNS query: analytics.twitter.com
Source: global traffic DNS traffic detected: DNS query: match.adsrvr.org
Source: global traffic DNS traffic detected: DNS query: cms.quantserve.com
Source: global traffic DNS traffic detected: DNS query: rtd-tm.everesttech.net
Source: global traffic DNS traffic detected: DNS query: servedby.flashtalking.com
Source: global traffic DNS traffic detected: DNS query: a.tribalfusion.com
Source: global traffic DNS traffic detected: DNS query: cms.analytics.yahoo.com
Source: global traffic DNS traffic detected: DNS query: px.owneriq.net
Source: global traffic DNS traffic detected: DNS query: jadserve.postrelease.com
Source: global traffic DNS traffic detected: DNS query: ds.reson8.com
Source: global traffic DNS traffic detected: DNS query: bttrack.com
Source: global traffic DNS traffic detected: DNS query: s.tribalfusion.com
Source: global traffic DNS traffic detected: DNS query: dmpsync.3lift.com
Source: global traffic DNS traffic detected: DNS query: ups.analytics.yahoo.com
Source: global traffic DNS traffic detected: DNS query: ag.innovid.com
Source: global traffic DNS traffic detected: DNS query: rtb.adentifi.com
Source: global traffic DNS traffic detected: DNS query: sync.crwdcntrl.net
Source: global traffic DNS traffic detected: DNS query: sync-tm.everesttech.net
Source: global traffic DNS traffic detected: DNS query: www.clarity.ms
Source: global traffic DNS traffic detected: DNS query: pixel.rubiconproject.com
Source: global traffic DNS traffic detected: DNS query: dsum-sec.casalemedia.com
Source: global traffic DNS traffic detected: DNS query: z.clarity.ms
Source: global traffic DNS traffic detected: DNS query: us-u.openx.net
Source: global traffic DNS traffic detected: DNS query: image2.pubmatic.com
Source: global traffic DNS traffic detected: DNS query: sync.search.spotxchange.com
Source: global traffic DNS traffic detected: DNS query: www.facebook.com
Source: global traffic DNS traffic detected: DNS query: trc.taboola.com
Source: global traffic DNS traffic detected: DNS query: sync.srv.stackadapt.com
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/8.5X-Powered-By: ASP.NETDate: Wed, 15 Jan 2025 17:09:25 GMTConnection: closeContent-Length: 1245
Source: chromecache_226.2.dr, chromecache_241.2.dr String found in binary or memory: http://github.com/requirejs/almond/LICENSE
Source: chromecache_288.2.dr String found in binary or memory: http://schema.org/Organization
Source: chromecache_248.2.dr, chromecache_294.2.dr String found in binary or memory: http://scottjehl.github.io/picturefill
Source: chromecache_156.2.dr, chromecache_239.2.dr String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_288.2.dr, chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://aka.ms/yourcaliforniaprivacychoices
Source: chromecache_166.2.dr, chromecache_227.2.dr String found in binary or memory: https://api.company-target.com/api/v2/ip.json?key=70aff8023e038d56ea636f68e5c5922b
Source: chromecache_182.2.dr, chromecache_273.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RC10ffc58a4a8a4d3c8b13ab7eae19c87
Source: chromecache_265.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RC1fc64c69f66543f7902881d9fba93b3
Source: chromecache_168.2.dr, chromecache_308.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RC82b2c8c298654e17859974fddee3185
Source: chromecache_296.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RC86580b4b76fc4faca2bf443d92c6b25
Source: chromecache_178.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RCa0059efdf53d4c19be7d008a0a7abf0
Source: chromecache_193.2.dr, chromecache_231.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RCcef87db72dc34649980e93371625fa0
Source: chromecache_157.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RCe273b42c34d5427cb02b2d6cd022cac
Source: chromecache_158.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/2537c33769cb/1bd4ced621a0/RCe86a4eb0fcba478dbcc7216ce837462
Source: chromecache_165.2.dr, chromecache_197.2.dr String found in binary or memory: https://assets.adobedtm.com/5ef092d1efb5/d6d76b37b476/launch-41185cd0b005.js
Source: chromecache_177.2.dr, chromecache_191.2.dr String found in binary or memory: https://assets.adobedtm.com/launch-ENc0cbffaf0f8248c3a934a56818d7737e.js
Source: chromecache_196.2.dr, chromecache_297.2.dr String found in binary or memory: https://axios-http.com
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://blogs.iis.net/
Source: chromecache_236.2.dr String found in binary or memory: https://blogs.iis.net/bariscaglar/iisadministration-powershell-cmdlets-new-feature-in-windows-10-ser
Source: chromecache_236.2.dr String found in binary or memory: https://blogs.iis.net/davidso/http2
Source: chromecache_236.2.dr String found in binary or memory: https://blogs.iis.net/feed/recent-posts.xml
Source: chromecache_236.2.dr String found in binary or memory: https://blogs.iis.net/iisteam/introducing-iis-cors-1-0
Source: chromecache_236.2.dr String found in binary or memory: https://blogs.iis.net/iisteam/url-rewrite-v2-1
Source: chromecache_300.2.dr, chromecache_301.2.dr String found in binary or memory: https://breeze.aimon.applicationinsights.io
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=12006
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://bugs.chromium.org/p/v8/issues/detail?id=3334
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://bugzil.la/548397
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=277178
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=308064
Source: chromecache_323.2.dr, chromecache_242.2.dr String found in binary or memory: https://cdn.jsdelivr.net/npm/bluebird
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://code.visualstudio.com/
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://consentdeliveryfd.azurefd.net/mscc/lib/v2/wcp-consent.js
Source: chromecache_300.2.dr, chromecache_301.2.dr String found in binary or memory: https://dc-int.services.visualstudio.com
Source: chromecache_300.2.dr, chromecache_301.2.dr String found in binary or memory: https://dc.services.visualstudio.com
Source: chromecache_183.2.dr String found in binary or memory: https://dev.azure.com/mscomdev/Moray/_workitems/edit/4494
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/KeyboardEvent/key/Key_Values
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668290/0/cc?z=effectus
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668290/0/vc?z=effectus&dim=668283&kw=&click=&abr=$imginiframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668290/0/vh?z=effectus&amp;dim=668283&amp;kw=&amp;click=
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668290/0/vj?z=effectus&dim=668283&kw=&click=&abr=$scriptiniframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668682/0/cc?z=effectus
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668682/0/vc?z=effectus&dim=668296&kw=&click=&abr=$imginiframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668682/0/vh?z=effectus&amp;dim=668296&amp;kw=&amp;click=
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/668682/0/vj?z=effectus&dim=668296&kw=&click=&abr=$scriptiniframe
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674039/0/cc?z=effectus
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674039/0/vc?z=effectus&dim=602464&kw=&click=&abr=$imginiframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674039/0/vh?z=effectus&amp;dim=602464&amp;kw=&amp;click=
Source: chromecache_253.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674039/0/vh?z=effectus&dim=602464&kw=&click=
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674039/0/vj?z=effectus&dim=602464&kw=&click=&abr=$scriptiniframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674040/0/cc?z=effectus
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674040/0/vc?z=effectus&dim=602457&kw=&click=&abr=$imginiframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674040/0/vh?z=effectus&amp;dim=602457&amp;kw=&amp;click=
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/674040/0/vj?z=effectus&dim=602457&kw=&click=&abr=$scriptiniframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680043/0/cc?z=effectus
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680043/0/vc?z=effectus&dim=668296&kw=&click=&abr=$imginiframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680043/0/vh?z=effectus&amp;dim=668296&amp;kw=&amp;click=
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680043/0/vj?z=effectus&dim=668296&kw=&click=&abr=$scriptiniframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680044/0/cc?z=effectus
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680044/0/vc?z=effectus&dim=668296&kw=&click=&abr=$imginiframe
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680044/0/vh?z=effectus&amp;dim=668296&amp;kw=&amp;click=
Source: chromecache_236.2.dr String found in binary or memory: https://effectus.nui.media/pipeline/680044/0/vj?z=effectus&dim=668296&kw=&click=&abr=$scriptiniframe
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://elad.medium.com/css-position-sticky-how-it-really-works-54cd01dc2d46
Source: chromecache_253.2.dr String found in binary or memory: https://forums.iis.net/
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://forums.iis.net/1080.aspx
Source: chromecache_196.2.dr, chromecache_297.2.dr String found in binary or memory: https://github.com/axios/axios.git
Source: chromecache_196.2.dr, chromecache_297.2.dr String found in binary or memory: https://github.com/axios/axios/issues
Source: chromecache_276.2.dr, chromecache_163.2.dr String found in binary or memory: https://github.com/carhartl/jquery-cookie
Source: chromecache_305.2.dr, chromecache_169.2.dr String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://github.com/mozilla/rhino/issues/346
Source: chromecache_294.2.dr String found in binary or memory: https://github.com/scottjehl/picturefill/blob/master/Authors.txt;
Source: chromecache_248.2.dr, chromecache_294.2.dr String found in binary or memory: https://github.com/scottjehl/picturefill/tree/3.0/src/plugins/gecko-picture
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://github.com/tc39/proposal-error-cause
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://github.com/w3c/aria-practices/pull/1757
Source: chromecache_184.2.dr, chromecache_317.2.dr, chromecache_274.2.dr, chromecache_183.2.dr String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.25.0/LICENSE
Source: chromecache_317.2.dr, chromecache_274.2.dr String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.26.0/LICENSE
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://github.com/zloirock/core-js/issues/86#issuecomment-115759028
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://iisumbraco.blob.core.windows.net/media/7435263/jquery-3.5.1.min.js
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://iisumbraco.blob.core.windows.net/media/7435263/main.js
Source: chromecache_234.2.dr, chromecache_173.2.dr String found in binary or memory: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1MmB8?ver=6c43g
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://javascript.info/size-and-scroll-window#width-height-of-the-document
Source: chromecache_313.2.dr, chromecache_284.2.dr String found in binary or memory: https://jquery.com/
Source: chromecache_313.2.dr, chromecache_284.2.dr String found in binary or memory: https://jquery.org/license
Source: chromecache_313.2.dr, chromecache_284.2.dr String found in binary or memory: https://js.foundation/
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://keycode.info/table-of-all-keycodes
Source: chromecache_220.2.dr, chromecache_325.2.dr String found in binary or memory: https://login.live.com/Me.srf?wa
Source: chromecache_220.2.dr, chromecache_325.2.dr String found in binary or memory: https://login.microsoftonline.com/forgetuser
Source: chromecache_220.2.dr, chromecache_325.2.dr String found in binary or memory: https://login.microsoftonline.com/savedusers?appid
Source: chromecache_325.2.dr String found in binary or memory: https://login.microsoftonline.com/uxlogout?appid
Source: chromecache_236.2.dr String found in binary or memory: https://manage.iis.net
Source: chromecache_196.2.dr, chromecache_297.2.dr String found in binary or memory: https://microsoftit.pkgs.visualstudio.com/OneITVSO/_packaging/CSM-SITES-AEMFoundations/npm/registry/
Source: chromecache_272.2.dr, chromecache_290.2.dr String found in binary or memory: https://outlook-sdf.live.com/mail/
Source: chromecache_234.2.dr, chromecache_173.2.dr String found in binary or memory: https://outlook.live.com/owa/?nlp=1
Source: chromecache_279.2.dr, chromecache_186.2.dr String found in binary or memory: https://partner.microsoft-ppe.com/
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://php.iis.net/
Source: chromecache_288.2.dr String found in binary or memory: https://play.vidyard.com/embed/v4.js
Source: chromecache_248.2.dr, chromecache_294.2.dr String found in binary or memory: https://scottjehl.github.io/picturefill/
Source: chromecache_313.2.dr, chromecache_284.2.dr String found in binary or memory: https://sizzlejs.com/
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot-aec
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.includes
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-array.prototype.indexof
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-getmethod
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-hasownproperty
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-iscallable
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-lengthofarraylike
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-math.trunc
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-object.defineproperty
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-object.getownpropertydescriptor
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-object.getownpropertynames
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-object.prototype.propertyisenumerable
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-object.setprototypeof
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-ordinarytoprimitive
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-requireobjectcoercible
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-tointegerorinfinity
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-tolength
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-toobject
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-toprimitive
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/ecma262/#sec-topropertykey
Source: chromecache_184.2.dr, chromecache_183.2.dr String found in binary or memory: https://tc39.es/proposal-error-cause/#sec-errorobjects-install-error-cause
Source: chromecache_309.2.dr, chromecache_265.2.dr String found in binary or memory: https://www.clarity.ms/tag/
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://www.effectusmedia.com/?site=iis#contactus
Source: chromecache_236.2.dr, chromecache_253.2.dr String found in binary or memory: https://www.twitter.com/inetsrv/
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50058
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50060
Source: unknown Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown Network traffic detected: HTTP traffic on port 50045 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49703 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50064
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50072
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50071
Source: unknown Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50076
Source: unknown Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50075
Source: unknown Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50078
Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50079
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50080
Source: unknown Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49718
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50079 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49703
Source: unknown Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown Network traffic detected: HTTP traffic on port 49676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown Network traffic detected: HTTP traffic on port 50078 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown Network traffic detected: HTTP traffic on port 49718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50041
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50043
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50045
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50044
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown Network traffic detected: HTTP traffic on port 50072 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown Network traffic detected: HTTP traffic on port 50044 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50071 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50060 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50076 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50043 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49941 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49941
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50075 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown Network traffic detected: HTTP traffic on port 50064 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50041 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50058 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49716 -> 443
Source: classification engine Classification label: clean3.win@23/274@143/35
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1908,i,552547930979920586,291555781854234261,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.provideportal.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1908,i,552547930979920586,291555781854234261,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: Google Drive.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.dr LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window Recorder Window detected: More than 3 window changes detected
Stores files to the Windows start menu directory
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk Jump to behavior
Source: chromecache_288.2.dr Binary or memory string: <li class="js-nav-menu single-link" data-m='{"cN":"Hyper-V Server 2016_cont","cT":"Container","id":"c4c3c5c8c3m1r1a1","sN":4,"aN":"c3c5c8c3m1r1a1"}'>
Source: chromecache_288.2.dr Binary or memory string: <a id="c-shellmenu_56" class="js-subm-uhf-nav-link" href="https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2016" data-m='{"cN":"CatNav_Hyper-V Server 2016_nav","id":"n1c4c3c5c8c3m1r1a1","sN":1,"aN":"c4c3c5c8c3m1r1a1"}'>Hyper-V Server 2016</a>
Source: chromecache_288.2.dr Binary or memory string: </p> <p>Get started with Windows Server Essentials: <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019-essentials" class="ms-rte-link" target="_self" aria-label="Get started with Windows Server 2019 Essentials">2019</a> | <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016-essentials" class="ms-rte-link" target="_self" aria-label="Get started with Windows Server 2016 Essentials">2016</a> | <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2-essentials" class="ms-rte-link" target="_self" aria-label="Get started with Windows Server 2012 R2 Essentials">2012 R2</a><br/> Learn more about <a href="https://www.microsoft.com/en-us/microsoft-365/business?rtc=1" class="ms-rte-link" target="_blank" aria-label="Learn more about Microsoft 365 for business">Microsoft 365 for business</a></p> </p> </div> </div> </div> </li> <li> <div class="accordion-collapse" data-component-id="2b4e50a1f87441ee2b350bf7e67feba9" oc-component-name="accordion-collapse"> <h3 class="accordion-header"> <button class="btn btn-collapse collapsed " data-mount="collapse" data-target="#x4afad2f8f87a40c1a800b9f4cfe1d887" aria-expanded="false" aria-controls="x4afad2f8f87a40c1a800b9f4cfe1d887"> <span class="p">Hyper-V Server
Source: chromecache_288.2.dr Binary or memory string: <li class="f-sub-menu js-nav-menu nested-menu" data-m='{"cN":"Hyper-V Server_cont","cT":"Container","id":"c3c5c8c3m1r1a1","sN":3,"aN":"c5c8c3m1r1a1"}'>
Source: chromecache_288.2.dr Binary or memory string: </span> </button> </h3> <div class="collapse" id="x4afad2f8f87a40c1a800b9f4cfe1d887" data-parent="#x3e5d492c7f25464fac0ac01b9cb17529"> <div class="accordion-body"> <p><p>Hyper-V Server provides a simple and reliable virtualization solution to help organizations improve their server utilization and reduce costs. The latest release of Hyper-V Server provides new and enhanced features that can help you deliver the scale and performance needs of your mission-critical workloads.</p> <p>Get started with Hyper-V Server: <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2019" class="ms-rte-link" target="_self" aria-label="Get started with Hyper-V Server 2019">2019</a> | <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2016" class="ms-rte-link" target="_self" aria-label="Get started with Hyper-V Server 2016">2016</a> | <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2012-r2" class="ms-rte-link" target="_self" aria-label="Get started with Hyper-V Server 2012 R2">2012 R2</a> | <a href="https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2012" class="ms-rte-link" target="_self" aria-label="Get started with Hyper-V Server 2012">2012</a></p> </p> </div> </div> </div> </li> <li> <div class="accordion-collapse" data-component-id="2b4e50a1f87441ee2b350bf7e67feba9" oc-component-name="accordion-collapse"> <h3 class="accordion-header"> <button class="btn btn-collapse collapsed " data-mount="collapse" data-target="#x5868386b85a74a038d43805a7b88fa99" aria-expanded="false" aria-controls="x5868386b85a74a038d43805a7b88fa99"> <span class="p">Windows Admin Center
Source: chromecache_288.2.dr Binary or memory string: <a id="c-shellmenu_55" class="js-subm-uhf-nav-link" href="https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2019" data-m='{"cN":"CatNav_Hyper-V Server 2019_nav","id":"n1c3c3c5c8c3m1r1a1","sN":1,"aN":"c3c3c5c8c3m1r1a1"}'>Hyper-V Server 2019</a>
Source: chromecache_288.2.dr Binary or memory string: <span id="uhf-navspn-c-shellmenu_54-span" style="display:none" aria-expanded="false" data-m='{"cN":"CatNav_Hyper-V Server_nonnav","id":"nn1c3c5c8c3m1r1a1","sN":1,"aN":"c3c5c8c3m1r1a1"}'>Hyper-V Server</span>
Source: chromecache_288.2.dr Binary or memory string: <li class="js-nav-menu single-link" data-m='{"cN":"Hyper-V Server 2019_cont","cT":"Container","id":"c3c3c5c8c3m1r1a1","sN":3,"aN":"c3c5c8c3m1r1a1"}'>
Source: chromecache_288.2.dr Binary or memory string: <button id="uhf-navbtn-c-shellmenu_54-button" type="button" aria-expanded="false" data-m='{"cN":"CatNav_Hyper-V Server_nonnav","id":"nn2c3c5c8c3m1r1a1","sN":2,"aN":"c3c5c8c3m1r1a1"}'>Hyper-V Server</button>
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1592065 URL: https://www.provideportal.com Startdate: 15/01/2025 Architecture: WINDOWS Score: 3 14 sync.search.spotxchange.com 2->14 16 shed.dual-low.s-part-0017.t-0009.t-msedge.net 2->16 18 s-part-0017.t-0009.t-msedge.net 2->18 6 chrome.exe 9 2->6         started        9 chrome.exe 2->9         started        process3 dnsIp4 20 192.168.2.8, 138, 443, 49177 unknown unknown 6->20 22 239.255.255.250 unknown Reserved 6->22 11 chrome.exe 6->11         started        process5 dnsIp6 24 dcs-ups.g03.yahoodns.net 87.248.119.251, 443, 49981, 49998 YAHOO-DEBDE United Kingdom 11->24 26 s.twitter.com 104.244.42.131, 443, 49946, 49963 TWITTERUS United States 11->26 28 87 other IPs or domains 11->28
  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Contacted Public IPs

IP Domain Country Flag ASN ASN Name Malicious
18.204.60.8
 rtb.adentifi.com United States
14618 AMAZON-AESUS false
13.107.246.44
 s-part-0016.t-0009.t-msedge.net United States
8068 MICROSOFT-CORP-MSN-AS-BLOCKUS false
34.240.156.246
 dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com United States
16509 AMAZON-02US false
35.177.13.55
 aragorn-prod-uk-acai-lb.inbake.com United States
16509 AMAZON-02US false
104.244.42.131
 s.twitter.com United States
13414 TWITTERUS false
172.64.150.63
 s.tribalfusion.com United States
13335 CLOUDFLARENETUS false
63.140.62.17
 unknown United States
15224 OMNITUREUS false
40.117.157.87
 www.provideportal.com United States
8075 MICROSOFT-CORP-MSN-AS-BLOCKUS false
151.101.1.44
 unknown United States
54113 FASTLYUS false
239.255.255.250
 unknown Reserved
unknown unknown false
151.101.65.44
 dualstack.tls13.taboola.map.fastly.net United States
54113 FASTLYUS false
91.228.74.159
 global.px.quantserve.com United Kingdom
27281 QUANTCASTUS false
54.165.187.207
 sync.srv.stackadapt.com United States
14618 AMAZON-AESUS false
35.244.174.68
 idsync.rlcdn.com United States
15169 GOOGLEUS false
52.223.40.198
 match.adsrvr.org United States
8987 AMAZONEXPANSIONGB false
52.204.114.105
 nuimedia-re-1928154753.us-east-1.elb.amazonaws.com United States
14618 AMAZON-AESUS false
37.252.173.215
 ib.anycast.adnxs.com European Union
29990 ASN-APPNEXUS false
185.64.191.210
 pug-lhr-bc.pubmnet.com United Kingdom
62713 AS-PUBMATICUS false
63.140.62.27
 msftenterprise.sc.omtrdc.net United States
15224 OMNITUREUS false
54.247.1.250
 unknown United States
16509 AMAZON-02US false
35.244.159.8
 unknown United States
15169 GOOGLEUS false
87.248.119.251
 dcs-ups.g03.yahoodns.net United Kingdom
203220 YAHOO-DEBDE false
192.132.33.69
 bttrack.com United States
18568 BIDTELLECTUS false
76.223.111.18
 eu-eb2.3lift.com United States
16509 AMAZON-02US false
18.245.86.33
 d1dbivni9lj17y.cloudfront.net United States
16509 AMAZON-02US false
104.18.27.193
 dsum-sec.casalemedia.com United States
13335 CLOUDFLARENETUS false
216.58.206.66
 cm.g.doubleclick.net United States
15169 GOOGLEUS false
54.229.91.192
 unknown United States
16509 AMAZON-02US false
108.128.172.10
 unknown United States
16509 AMAZON-02US false
54.77.224.47
 sync.crwdcntrl.net United States
16509 AMAZON-02US false
34.98.64.218
 us-u.openx.net United States
15169 GOOGLEUS false
142.250.186.164
 www.google.com United States
15169 GOOGLEUS false
157.240.251.35
 star-mini.c10r.facebook.com United States
32934 FACEBOOKUS false
142.250.186.66
 unknown United States
15169 GOOGLEUS false

Private

IP
192.168.2.8

Contacted Domains

Name IP Active
s-part-0016.t-0009.t-msedge.net 13.107.246.44 true
s.tribalfusion.com 172.64.150.63 true
nuimedia-re-1928154753.us-east-1.elb.amazonaws.com 52.204.114.105 true
global.px.quantserve.com 91.228.74.159 true
eu-eb2.3lift.com 76.223.111.18 true
bttrack.com 192.132.33.69 true
adobetarget.data.adobedc.net 66.235.152.221 true
idsync.rlcdn.com 35.244.174.68 true
dualstack.tls13.taboola.map.fastly.net 151.101.65.44 true
sync.crwdcntrl.net 54.77.224.47 true
cm.g.doubleclick.net 216.58.206.66 true
rtb.adentifi.com 18.204.60.8 true
www.google.com 142.250.186.164 true
dcs-ups.g03.yahoodns.net 87.248.119.251 true
dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com 34.240.156.246 true
sync.srv.stackadapt.com 54.165.187.207 true
msftenterprise.sc.omtrdc.net 63.140.62.27 true
match.adsrvr.org 52.223.40.198 true
aragorn-prod-uk-acai-lb.inbake.com 35.177.13.55 true
star-mini.c10r.facebook.com 157.240.251.35 true
us-u.openx.net 34.98.64.218 true
s.twitter.com 104.244.42.131 true
d1dbivni9lj17y.cloudfront.net 18.245.86.33 true
s-part-0017.t-0009.fb-t-msedge.net 13.107.253.45 true
s-part-0017.t-0009.t-msedge.net 13.107.246.45 true
pug-lhr-bc.pubmnet.com 185.64.191.210 true
dsum-sec.casalemedia.com 104.18.27.193 true
a.tribalfusion.com 172.64.150.63 true
ib.anycast.adnxs.com 37.252.173.215 true
www.provideportal.com 40.117.157.87 true
js.monitor.azure.com unknown unknown
ag.innovid.com unknown unknown
idpix.media6degrees.com unknown unknown
img.nui.media unknown unknown
px.owneriq.net unknown unknown
ds.reson8.com unknown unknown
ups.analytics.yahoo.com unknown unknown
cm.everesttech.net unknown unknown
jadserve.postrelease.com unknown unknown
z.clarity.ms unknown unknown
image2.pubmatic.com unknown unknown
www.iis.net unknown unknown
dmpsync.3lift.com unknown unknown
consentdeliveryfd.azurefd.net unknown unknown
dpm.demdex.net unknown unknown
rtd-tm.everesttech.net unknown unknown
servedby.flashtalking.com unknown unknown
www.facebook.com unknown unknown
effectus.nui.media unknown unknown
assets.adobedtm.com unknown unknown
rtd.tubemogul.com unknown unknown
www.clarity.ms unknown unknown
pixel.rubiconproject.com unknown unknown
trc.taboola.com unknown unknown
mscom.demdex.net unknown unknown
play.vidyard.com unknown unknown
analytics.twitter.com unknown unknown
iis-umbraco.azurewebsites.net unknown unknown
cms.quantserve.com unknown unknown
cms.analytics.yahoo.com unknown unknown
ib.adnxs.com unknown unknown
sync.search.spotxchange.com unknown unknown
login.microsoftonline.com unknown unknown
sync-tm.everesttech.net unknown unknown

Contacted URLs

Name Malicious Antivirus Detection Reputation
https://dpm.demdex.net/ibs:dpid=992&dpuuid=hgducloh90vo false
    		high
    https://effectus.nui.media/pipeline/674040/0/vh?ajecscp=1736960981499&z=effectus&dim=602457&kw=&click= false
    • Avira URL Cloud: safe
    		 unknown
    https://www.iis.net/Content/overview.css false
      		high
      https://www.facebook.com/fr/b.php?p=1531105787105294&e=Z4fr_AAAANdrqAOV&t=2592000&o=0 false
        		high
        https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D false
          		high
          https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js false
            		high
            https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTA5Nzg5MjQxMzU1MTQyODk1NTAyOTA5MzkyMjc5MDkzOTIwMTQ=&google_tc= false
              		high
              https://effectus.nui.media/pipeline/674039/0/vh?ajecscp=1736960981509&z=effectus&dim=602464&kw=&click= false
              • Avira URL Cloud: safe
              		 unknown
              https://dpm.demdex.net/ibs:dpid=477&dpuuid=5f05fd322f209d931697992260c1b26ea953cb36f8c4e2819f426fba14a8493db0da87c991749652 false
                		high
                https://www.provideportal.com/iis-85.png false
                • Avira URL Cloud: safe
                		 unknown
                https://effectus.nui.media/pipeline/674039/0/vh?ajecscp=1736960988813&z=effectus&dim=602464&kw=&click= false
                • Avira URL Cloud: safe
                		 unknown
                https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WjRmcl9BQUFBTmRycUFPVg== false
                  		high
                  https://www.iis.net/favicon.ico false
                    		high
                    https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Z4fr_AAAANdrqAOV false
                      		high
                      https://dpm.demdex.net/ibs:dpid=358&dpuuid=557779979202385751 false
                        		high
                        https://www.provideportal.com/ false
                          		unknown
                          https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-1NH5hrhE2pFzO6e5Y1Fj_XVZwSVsHWUlNXc-~A false
                            		high
                            https://mscom.demdex.net/dest5.html?d_nsid=0 false
                              		high
                              https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= false
                                		high
                                https://sync.srv.stackadapt.com/sync?nid=adobe false
                                  		high
                                  https://effectus.nui.media/pipeline/668682/0/vh?ajecscp=1736960973381&z=effectus&dim=668296&kw=&click= false
                                  • Avira URL Cloud: safe
                                  		 unknown
                                  https://rtb.adentifi.com/CookieSyncAdobe false
                                    		high
                                    https://msftenterprise.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=EA76ADE95776D2EC7F000101%40AdobeOrg&mid=50517421273681541960337102840294535041&ts=1736961014416 false
                                      		high
                                      https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTA5Nzg5MjQxMzU1MTQyODk1NTAyOTA5MzkyMjc5MDkzOTIwMTQQABoNCPjXn7wGEgUI6AcQAEIASgA false
                                        		high
                                        https://dpm.demdex.net/ibs:dpid=3047&dpuuid=6224729AEA8D7B&gdpr=0&gdpr_consent= false
                                          		high
                                          https://ag.innovid.com/dv/sync?tid=6 false
                                            		high
                                            https://www.iis.net/Content/downloads.css false
                                              		high
                                              https://www.provideportal.com/favicon.ico false
                                              • Avira URL Cloud: safe
                                              		 unknown
                                              https://effectus.nui.media/pipeline/668682/0/vh?z=effectus&dim=668296&kw=&click= false
                                              • Avira URL Cloud: safe
                                              		 unknown
                                              https://effectus.nui.media/pipeline/680043/0/vh?ajecscp=1736960981415&z=effectus&dim=668296&kw=&click= false
                                              • Avira URL Cloud: safe
                                              		 unknown
                                              https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=50978924135514289550290939227909392014?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} false
                                                		high
                                                https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= false
                                                  		high
                                                  https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID false
                                                    		high
                                                    https://effectus.nui.media/pipeline/680043/0/vh?z=effectus&dim=668296&kw=&click= false
                                                    • Avira URL Cloud: safe
                                                    		 unknown
                                                    https://img.nui.media/banners/media/60/602446/66/668282/1631935228275_Microsoft_Home_Page_Promo_610x48_MSDN1_May14.png false
                                                      		high
                                                      https://effectus.nui.media/pipeline/668290/0/vh?ajecscp=1736960973465&z=effectus&dim=668283&kw=&click= false
                                                      • Avira URL Cloud: safe
                                                      		 unknown
                                                      https://www.iis.net/Content/home.css false
                                                        		high
                                                        https://img.nui.media/banners/media/60/602446/60/602447/1640645301370_EMG_320x55_system_default_placeholder.jpg false
                                                          		high
                                                          https://dpm.demdex.net/ibs:dpid=390122&dpuuid=lrhR-Xu2Vn5xeulD3h3wrAgue70 false
                                                            		high
                                                            https://effectus.nui.media/pipeline/680044/0/vh?z=effectus&dim=668296&kw=&click= false
                                                            • Avira URL Cloud: safe
                                                            		 unknown
                                                            https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=iNxrMduJNT-TjWFliI5-ZY_bNTWT0jFgjd2YaUP9 false
                                                              		high
                                                              https://us-u.openx.net/w/1.0/sd?id=537148856&val=Z4fr_AAAANdrqAOV false
                                                                		high
                                                                https://consentdeliveryfd.azurefd.net/mscc/lib/v2/wcp-consent.js false
                                                                  		high
                                                                  https://effectus.nui.media/pipeline/674040/0/vh?z=effectus&dim=602457&kw=&click= false
                                                                  • Avira URL Cloud: safe
                                                                  		 unknown
                                                                  https://dpm.demdex.net/ibs:dpid=22054 false
                                                                    		high
                                                                    https://dpm.demdex.net/ibs:dpid=782&dpuuid=Z4fr_AAAANdrqAOV false
                                                                      		high