Replying to @sharkfie@infosec.exchange

@sharkfie ok, but like, the question still is: Who/how is this linkage connected.

Lets take 26. as an example:

According to Microsoft records, on or about May 12, 2025, at 19:21 UTC—when, according to ngrok records, the ngrok account was created—the device with the GDID accessed, among other ngrok pages, “dashboard.ngrok.com/signup,” the ngrok page to set up an ngrok account.

ngrok isn't MS & afaik isn't even Azure-hosted. I'm trying to look for a way that MS still would be able to know about the page visit for the device ID without just pulling non-anonymized browsing data from device, lmao.