Play interactive tourEdit tour

Windows Analysis Report
https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c

Overview

General Information

Sample URL:	https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991
Analysis ID:	1628517
Infos:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Confidence:	100%

Signatures

AI detected phishing page

Yara detected HtmlPhish54

AI detected suspicious Javascript

Detected use of open redirect vulnerability

Detected non-DNS traffic on DNS port

Detected suspicious crossdomain redirect

Form action URLs do not match main URL

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML page contains obfuscated script src

HTML title does not match URL

Stores files to the Windows start menu directory

Classification

×

Joe Sandbox Signatures

• • Phishing
• • Compliance
• • Networking
• • System Summary
• • Boot Survival

Click to jump to signature section

Show All Signature Results

Phishing

AI detected phishing page

Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend	Joe Sandbox AI: Score: 7 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'tippingtrends.com' does not match the legitimate domain 'microsoft.com'., There is no clear association between 'tippingtrends.com' and Microsoft., The URL does not contain any recognizable Microsoft-related terms., The presence of an email input field on an unrelated domain is suspicious. DOM: 1.0.pages.csv
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	Joe Sandbox AI: Score: 8 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL '043d2f62.sgallager.workers.dev' does not match the legitimate domain 'microsoft.com'., The domain 'workers.dev' is a generic domain often used for cloud services, which can be legitimate but is not directly associated with Microsoft., The subdomain '043d2f62.sgallager' is suspicious and does not relate to any known Microsoft services., The use of a generic domain and unrelated subdomain increases the likelihood of phishing. DOM: 2.8.pages.csv
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL '043d2f62.sgallager.workers.dev' does not match the legitimate domain 'microsoft.com'., The URL uses a subdomain structure that is not associated with Microsoft., The domain 'workers.dev' is a generic domain often used for cloud services, which can be legitimate but is suspicious in this context., The URL contains a random alphanumeric subdomain '043d2f62', which is a common tactic in phishing to obscure the true nature of the site., The email domain 'elpasotexas.gov' is unrelated to Microsoft, which raises further suspicion. DOM: 2.9.pages.csv
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	Joe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL '043d2f62.sgallager.workers.dev' does not match the legitimate domain 'microsoft.com'., The URL uses a subdomain structure that is not associated with Microsoft., The domain 'workers.dev' is a generic domain often used for hosting various services, which can be legitimate but is not directly associated with Microsoft., The presence of a random alphanumeric subdomain '043d2f62' is suspicious and not typical for a legitimate Microsoft service., The email domain 'elpasotexas.gov' does not match the brand 'Microsoft', which could indicate a targeted phishing attempt. DOM: 2.10.pages.csv

Yara detected HtmlPhish54

Source: Yara match	File source: 0.13.i.script.csv, type: HTML
Source: Yara match	File source: 2.6.pages.csv, type: HTML
Source: Yara match	File source: 2.8.pages.csv, type: HTML
Source: Yara match	File source: 2.10.pages.csv, type: HTML
Source: Yara match	File source: 2.11.pages.csv, type: HTML

AI detected suspicious Javascript

Source: 0.7.id.script.csv

Joe Sandbox AI: Detected suspicious JavaScript with source url: https://043d2f62.sgallager.workers.dev/?ref=joedon... The provided JavaScript snippet uses the `atob()` function to decode a base64-encoded string, which contains an HTML document that includes an embedded iframe. This behavior is highly suspicious and indicates potential malicious intent, as it could be used to load and execute remote content without the user's knowledge or consent. The use of obfuscated code and the inclusion of an iframe pointing to an unknown domain (7hdus.ironbridgenyc.com) further increase the risk score. This script demonstrates high-risk indicators, such as dynamic code execution and potential data exfiltration, and should be considered a high-risk security threat.

Detected use of open redirect vulnerability

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Proxy from: r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c to https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c

Form action URLs do not match main URL

Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc

HTML body contains low number of good links

Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend	HTTP Parser: Number of links: 0
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov

HTTP Parser: Base64 decoded: <!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1"></head><body style="margin:0;padding:0"><iframe src="https://7hdus.ironbridegenyc.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiO...

HTML page contains obfuscated script src

Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX

HTML title does not match URL

Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend

HTTP Parser: Title: Email Verification does not match URL

Found iframes

Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx

HTML body contains password input

Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov

HTTP Parser: <input type="password" .../> found

HTML page is missing a favicon

Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No favicon

META author tag missing

Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend	HTTP Parser: No <meta name="author".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="author".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="author".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="author".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="author".. found

META copyright tag missing

Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend	HTTP Parser: No <meta name="copyright".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="copyright".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="copyright".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="copyright".. found
Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov	HTTP Parser: No <meta name="copyright".. found

Compliance

Creates a directory in C:\Program Files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Networking

Detected non-DNS traffic on DNS port

Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: r.clickwise.net to https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	HTTP traffic: Redirect from: cck.soundestlink.com to https://tippingtrends.com/.oauth/?omnisendcontactid=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3a+top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend

Connects to IPs without corresponding DNS lookups

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.77.188
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknown	TCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Downloads files from webservers via HTTP

Source: global traffic	HTTP traffic detected: GET /pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c HTTP/1.1Host: r.clickwise.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c HTTP/1.1Host: cck.soundestlink.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend HTTP/1.1Host: tippingtrends.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /.oauth/res/img/micror434wfewf45fgv.png HTTP/1.1Host: tippingtrends.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: tippingtrends.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?ref=joedonald%40elpasotexas.gov HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://tippingtrends.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/b0e4a89976ce/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /turnstile/v0/b/b0e4a89976ce/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=91ac18236fc914ed&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=91ac18236fc914ed&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/91ac18236fc914ed/1741035952275/rOUa4dSN2QXxaA9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/91ac18236fc914ed/1741035952275/rOUa4dSN2QXxaA9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/91ac18236fc914ed/1741035952275/4a664d95cb431d4be1c970de71285b9ce9a95833628fff65c62b65e215d7e34c/Iu4RN_C6JmkHk5I HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovLzdoZHVzLmlyb25icmlkZWdlbnljLmNvbS8iLCJkb21haW4iOiI3aGR1cy5pcm9uYnJpZGVnZW55Yy5jb20iLCJrZXkiOiJkT05yaUpRTUdaMGgiLCJyZWYiOiJqb2Vkb25hbGRAZWxwYXNvdGV4YXMuZ292IiwiaWF0IjoxNzQxMDM1OTYxLCJleHAiOjE3NDEwMzYwODF9.j1WBTXs47ESAH4oSHbnAvYk7XQWnqPaC4uvHFnc_4F0&ref=joedonald@elpasotexas.gov HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqx HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: portal.microsoftonline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://7hdus.ironbridegenyc.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /elpasotexas.gov/winauth/ssoprobe?client-request-id=88929da1-09f5-42fd-8ed1-249f292a4f14&_=1741035966460 HTTP/1.1Host: autologon.microsoftazuread-sso.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /common/instrumentation/dssostatus HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
Source: global traffic	HTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0

Performs DNS lookups

Source: global traffic	DNS traffic detected: DNS query: r.clickwise.net
Source: global traffic	DNS traffic detected: DNS query: cck.soundestlink.com
Source: global traffic	DNS traffic detected: DNS query: tippingtrends.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 043d2f62.sgallager.workers.dev
Source: global traffic	DNS traffic detected: DNS query: cdn.jsdelivr.net
Source: global traffic	DNS traffic detected: DNS query: challenges.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: 7hdus.ironbridegenyc.com
Source: global traffic	DNS traffic detected: DNS query: aadcdn.msftauth.net
Source: global traffic	DNS traffic detected: DNS query: portal.microsoftonline.com
Source: global traffic	DNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
Source: global traffic	DNS traffic detected: DNS query: identity.nel.measure.office.net

Posts data to webserver

Source: unknown

HTTP traffic detected: POST /report/v4?s=pBvZTdUci22BeZHdJ6GKLTpyH6zphfUMgZcTtercgdDQrM41FQtb4VpszVHnSRGfKxd3llCGa3qiEJHPtW08TRfDVaHnBq92hUaFWlznCb%2FFpJZttaW9joiZNRh93ix%2B%2FxLWDA%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 631Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Tries to download or post to a non-existing HTTP route (HTTP/1.1 404 Not Found / 503 Service Unavailable / 403 Forbidden)

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 03 Mar 2025 21:05:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: max-age=14400, must-revalidatelink: <https://tippingtrends.com/wp-json/>; rel="https://api.w.org/"vary: Accept-Encodingx-turbo-charged-by: LiteSpeedCF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBvZTdUci22BeZHdJ6GKLTpyH6zphfUMgZcTtercgdDQrM41FQtb4VpszVHnSRGfKxd3llCGa3qiEJHPtW08TRfDVaHnBq92hUaFWlznCb%2FFpJZttaW9joiZNRh93ix%2B%2FxLWDA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 91ac17976a684b06-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=2025&min_rtt=2020&rtt_var=761&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1374&delivery_rate=1445544&cwnd=89&unsent_bytes=0&cid=dbb7305d0705b768&ts=936&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 03 Mar 2025 21:05:30 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCache-Control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachex-turbo-charged-by: LiteSpeedcf-cache-status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hncUXiSY5Fe0Kla3xtfbtlDcNrpT8ta79hk3bWjkyKlMQZvXOoEciZHE1O2Ju51czYP6zZB96z96zNS765dYOfMJxDrukVhFm2sEVTMkeZL3k%2FxbzpS8j3nkJNrTB6scsxgh1g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 91ac17a319a5438d-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1592&min_rtt=1586&rtt_var=608&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1347&delivery_rate=1781574&cwnd=227&unsent_bytes=0&cid=941c84baa3ba87a1&ts=387&x=0"
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 09902852-f01e-0014-147f-8c1ca1000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:05 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035965.d12434e5Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:06 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035966.d1244b0eStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-store, no-cacheContent-Length: 1245Content-Type: text/htmlSet-Cookie: s.SessID=33987534-5692-42e6-8cce-bc4f7e1bb2a2; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: s.SessID=33987534-5692-42e6-8cce-bc4f7e1bb2a2; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: x-portal-routekey=eus; path=/; secure; HttpOnlyx-ms-correlation-id: 13985a50-5611-41b1-87b5-69ac58c916f9X-Content-Type-Options: nosniffX-UA-Compatible: IE=EdgeX-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 89EAAD98F23E403F84440BCD18230A4B Ref B: EWR311000103011 Ref C: 2025-03-03T21:06:06ZDate: Mon, 03 Mar 2025 21:06:06 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 8a288ad8-001e-0088-0180-8c646e000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:06 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035966.d1244b05Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:07 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035966.d1244b92Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 99f209cd-d01e-009b-597f-8c4062000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:08 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035968.d1247a9fStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:08 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035968.d1247ae8Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:08 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035968.d1247aebStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 9132c095-401e-0073-1f7f-8c0c5d000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:10 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035970.d124a1cbStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:12 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035972.d124e84dStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:12 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035972.d124e871Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:42 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036002.d127e8dcStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: a77a5069-c01e-00c1-4a80-8c6dce000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:42 GMTConnection: closeAkamai-GRN: 0.d6df3517.1741036002.959b0530Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:54 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036014.d1292bbdStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:54 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036014.d1292bc4Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:07:09 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036029.d12ac51aStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:07:09 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036029.d12ac59fStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'

Uses HTTPS

Source: unknown	Network traffic detected: HTTP traffic on port 52269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52118
Source: unknown	Network traffic detected: HTTP traffic on port 52028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52108 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52079
Source: unknown	Network traffic detected: HTTP traffic on port 52252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52116
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52117
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52115
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52082
Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52080
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52081
Source: unknown	Network traffic detected: HTTP traffic on port 52172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52249 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52003
Source: unknown	Network traffic detected: HTTP traffic on port 52178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52248
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52249
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52247
Source: unknown	Network traffic detected: HTTP traffic on port 52017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52130
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52251
Source: unknown	Network traffic detected: HTTP traffic on port 49700 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52010
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52252
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52250
Source: unknown	Network traffic detected: HTTP traffic on port 52263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 52189 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49720
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52116 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52248 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52255
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52132
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52253
Source: unknown	Network traffic detected: HTTP traffic on port 52045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52133
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52254
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52139
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52258
Source: unknown	Network traffic detected: HTTP traffic on port 52257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52102 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52262
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49719
Source: unknown	Network traffic detected: HTTP traffic on port 52180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 52201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 52033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52145
Source: unknown	Network traffic detected: HTTP traffic on port 52251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52266
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52267
Source: unknown	Network traffic detected: HTTP traffic on port 52025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52265
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52028
Source: unknown	Network traffic detected: HTTP traffic on port 52081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52268
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52269
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52152
Source: unknown	Network traffic detected: HTTP traffic on port 52254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52118 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49702
Source: unknown	Network traffic detected: HTTP traffic on port 52162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49700
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52133 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52033
Source: unknown	Network traffic detected: HTTP traffic on port 52082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52037
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52158
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52159
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52160
Source: unknown	Network traffic detected: HTTP traffic on port 52018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52163
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52164
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52161
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52162
Source: unknown	Network traffic detected: HTTP traffic on port 52259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52073 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52130 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52188 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51998
Source: unknown	Network traffic detected: HTTP traffic on port 52027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52115 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52201
Source: unknown	Network traffic detected: HTTP traffic on port 52062 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 51990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52045
Source: unknown	Network traffic detected: HTTP traffic on port 52253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52202
Source: unknown	Network traffic detected: HTTP traffic on port 51991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52050
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52171
Source: unknown	Network traffic detected: HTTP traffic on port 52256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52051
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52172
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52173
Source: unknown	Network traffic detected: HTTP traffic on port 52080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49678 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52178
Source: unknown	Network traffic detected: HTTP traffic on port 49702 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52056
Source: unknown	Network traffic detected: HTTP traffic on port 49719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52180
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52062
Source: unknown	Network traffic detected: HTTP traffic on port 52264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52108
Source: unknown	Network traffic detected: HTTP traffic on port 52159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52117 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 51997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52189
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52188
Source: unknown	Network traffic detected: HTTP traffic on port 52173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52073
Source: unknown	Network traffic detected: HTTP traffic on port 52145 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52194
Source: unknown	Network traffic detected: HTTP traffic on port 52258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52261 -> 443

System Summary

Classification label

Source: classification engine

Classification label: mal64.phis.win@23/26@40/259

Creates files inside the program directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Creates files inside the user directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

Spawns processes

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1960,i,13785926482354976962,18307201810808027648,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1960,i,13785926482354976962,18307201810808027648,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Found graphical window changes (likely an installer)

Source: Window Recorder

Window detected: More than 3 window changes detected

Creates a directory in C:\Program Files

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Boot Survival

Stores files to the Windows start menu directory

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk