Edit tour

Windows Analysis Report
https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c

Overview

General Information

Sample URL:https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991
Analysis ID:1628517
Infos:

Detection

HTMLPhisher
Score:64
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Yara detected HtmlPhish54
AI detected suspicious Javascript
Detected use of open redirect vulnerability
Detected non-DNS traffic on DNS port
Detected suspicious crossdomain redirect
Form action URLs do not match main URL
HTML body contains low number of good links
HTML page contains hidden javascript code
HTML page contains obfuscated script src
HTML title does not match URL
Stores files to the Windows start menu directory

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 6332 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6840 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1960,i,13785926482354976962,18307201810808027648,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 5556 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup
SourceRuleDescriptionAuthorStrings
0.13.i.script.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
    2.6.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
      2.8.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
        2.10.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
          2.11.pages.csvJoeSecurity_HtmlPhish_54Yara detected HtmlPhish_54Joe Security
            No Sigma rule has matched
            No Suricata rule has matched

            Click to jump to signature section

            Show All Signature Results

            Phishing

            barindex
            Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendJoe Sandbox AI: Score: 7 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL 'tippingtrends.com' does not match the legitimate domain 'microsoft.com'., There is no clear association between 'tippingtrends.com' and Microsoft., The URL does not contain any recognizable Microsoft-related terms., The presence of an email input field on an unrelated domain is suspicious. DOM: 1.0.pages.csv
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govJoe Sandbox AI: Score: 8 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL '043d2f62.sgallager.workers.dev' does not match the legitimate domain 'microsoft.com'., The domain 'workers.dev' is a generic domain often used for cloud services, which can be legitimate but is not directly associated with Microsoft., The subdomain '043d2f62.sgallager' is suspicious and does not relate to any known Microsoft services., The use of a generic domain and unrelated subdomain increases the likelihood of phishing. DOM: 2.8.pages.csv
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL '043d2f62.sgallager.workers.dev' does not match the legitimate domain 'microsoft.com'., The URL uses a subdomain structure that is not associated with Microsoft., The domain 'workers.dev' is a generic domain often used for cloud services, which can be legitimate but is suspicious in this context., The URL contains a random alphanumeric subdomain '043d2f62', which is a common tactic in phishing to obscure the true nature of the site., The email domain 'elpasotexas.gov' is unrelated to Microsoft, which raises further suspicion. DOM: 2.9.pages.csv
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govJoe Sandbox AI: Score: 9 Reasons: The brand 'Microsoft' is classified as 'wellknown'., The URL '043d2f62.sgallager.workers.dev' does not match the legitimate domain 'microsoft.com'., The URL uses a subdomain structure that is not associated with Microsoft., The domain 'workers.dev' is a generic domain often used for hosting various services, which can be legitimate but is not directly associated with Microsoft., The presence of a random alphanumeric subdomain '043d2f62' is suspicious and not typical for a legitimate Microsoft service., The email domain 'elpasotexas.gov' does not match the brand 'Microsoft', which could indicate a targeted phishing attempt. DOM: 2.10.pages.csv
            Source: Yara matchFile source: 0.13.i.script.csv, type: HTML
            Source: Yara matchFile source: 2.6.pages.csv, type: HTML
            Source: Yara matchFile source: 2.8.pages.csv, type: HTML
            Source: Yara matchFile source: 2.10.pages.csv, type: HTML
            Source: Yara matchFile source: 2.11.pages.csv, type: HTML
            Source: 0.7.id.script.csvJoe Sandbox AI: Detected suspicious JavaScript with source url: https://043d2f62.sgallager.workers.dev/?ref=joedon... The provided JavaScript snippet uses the `atob()` function to decode a base64-encoded string, which contains an HTML document that includes an embedded iframe. This behavior is highly suspicious and indicates potential malicious intent, as it could be used to load and execute remote content without the user's knowledge or consent. The use of obfuscated code and the inclusion of an iframe pointing to an unknown domain (7hdus.ironbridgenyc.com) further increase the risk score. This script demonstrates high-risk indicators, such as dynamic code execution and potential data exfiltration, and should be considered a high-risk security threat.
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Proxy from: r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c to https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Form action: https://7hdus.ironbridegenyc.com/common/login workers ironbridegenyc
            Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendHTTP Parser: Number of links: 0
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Number of links: 0
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Base64 decoded: <!doctype html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1"></head><body style="margin:0;padding:0"><iframe src="https://7hdus.ironbridegenyc.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiO...
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX
            Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendHTTP Parser: Title: Email Verification does not match URL
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: Iframe src: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: <input type="password" .../> found
            Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No favicon
            Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendHTTP Parser: No <meta name="author".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="author".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="author".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="author".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="author".. found
            Source: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendHTTP Parser: No <meta name="copyright".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="copyright".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="copyright".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="copyright".. found
            Source: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govHTTP Parser: No <meta name="copyright".. found
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:51978 -> 1.1.1.1:53
            Source: global trafficTCP traffic: 192.168.2.16:52119 -> 1.1.1.1:53
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: r.clickwise.net to https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeHTTP traffic: Redirect from: cck.soundestlink.com to https://tippingtrends.com/.oauth/?omnisendcontactid=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3a+top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 2.23.77.188
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
            Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
            Source: global trafficHTTP traffic detected: GET /pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c HTTP/1.1Host: r.clickwise.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c HTTP/1.1Host: cck.soundestlink.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend HTTP/1.1Host: tippingtrends.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /.oauth/res/img/micror434wfewf45fgv.png HTTP/1.1Host: tippingtrends.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: tippingtrends.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?ref=joedonald%40elpasotexas.gov HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: https://tippingtrends.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/b0e4a89976ce/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.js HTTP/1.1Host: cdn.jsdelivr.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /turnstile/v0/b/b0e4a89976ce/api.js HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/ HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=91ac18236fc914ed&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=91ac18236fc914ed&lang=auto HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/91ac18236fc914ed/1741035952275/rOUa4dSN2QXxaA9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/d/91ac18236fc914ed/1741035952275/rOUa4dSN2QXxaA9 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/pat/91ac18236fc914ed/1741035952275/4a664d95cb431d4be1c970de71285b9ce9a95833628fff65c62b65e215d7e34c/Iu4RN_C6JmkHk5I HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveCache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1 HTTP/1.1Host: challenges.cloudflare.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovLzdoZHVzLmlyb25icmlkZWdlbnljLmNvbS8iLCJkb21haW4iOiI3aGR1cy5pcm9uYnJpZGVnZW55Yy5jb20iLCJrZXkiOiJkT05yaUpRTUdaMGgiLCJyZWYiOiJqb2Vkb25hbGRAZWxwYXNvdGV4YXMuZ292IiwiaWF0IjoxNzQxMDM1OTYxLCJleHAiOjE3NDEwMzYwODF9.j1WBTXs47ESAH4oSHbnAvYk7XQWnqPaC4uvHFnc_4F0&ref=joedonald@elpasotexas.gov HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqx HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://043d2f62.sgallager.workers.dev/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: portal.microsoftonline.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://7hdus.ironbridegenyc.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /elpasotexas.gov/winauth/ssoprobe?client-request-id=88929da1-09f5-42fd-8ed1-249f292a4f14&_=1741035966460 HTTP/1.1Host: autologon.microsoftazuread-sso.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /common/instrumentation/dssostatus HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 043d2f62.sgallager.workers.devConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficHTTP traffic detected: GET /common/GetCredentialType?mkt=en-US HTTP/1.1Host: 7hdus.ironbridegenyc.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: qPdM=dONriJQMGZ0h; qPdM.sig=kScsfepDPJKViBfa6ecLyQHG4Ps; buid=1.AVsAqzBRR7ViQUKp00fjfJvCFakreHKQRANPjYJWI3DqNWYBAABbAA.AQABGgEAAABVrSpeuWamRam2jAF1XRQEueprV3ZEbjFpetCZKfXB4QxUrsZsSBp9eQop7-eyDp3Lp-z56yGAFBLLgXPbCqIgFNVnlYQGIRimHxuWZ9b2nYlpL5ICsBqbJKK29kqIHjQgAA; esctx=PAQABBwEAAABVrSpeuWamRam2jAF1XRQEZdO-N9Znrh2wgBIBO0P2a2NVFEdlceyenGBMRWikXxv_7qxcm7ceAPF2F4T8l7ypyJwr-W_hzPMOxIx6aPRM11Sgw1GdvvqjJkypopj9185lrLmCDQ_8oKJ6bGIvB3fdYxRHEgVho7g5LSi7wOk657cmH1hGCe25xaAUV6S3uU0gAA; esctx-AziUxPHumso=AQABCQEAAABVrSpeuWamRam2jAF1XRQEh9xoLX_EqpjnyRYww940U1CIDZSX4M162MZtnI6qE6lHuXrPY_GT4hCtB4Ng35jcOcOaXsc032w9aJTEl3VjrEVkfQ1Gxf_h6f-9GJjwLvtGEnlaruYr8V1n557hheJ9YRiQ5lgxrTNXXYstZMzAHCAA; fpc=Akhkn9pyPddBu0PkCK9He7G4vjNwAQAAALoQWN8OAAAA; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; brcap=0
            Source: global trafficDNS traffic detected: DNS query: r.clickwise.net
            Source: global trafficDNS traffic detected: DNS query: cck.soundestlink.com
            Source: global trafficDNS traffic detected: DNS query: tippingtrends.com
            Source: global trafficDNS traffic detected: DNS query: www.google.com
            Source: global trafficDNS traffic detected: DNS query: a.nel.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: 043d2f62.sgallager.workers.dev
            Source: global trafficDNS traffic detected: DNS query: cdn.jsdelivr.net
            Source: global trafficDNS traffic detected: DNS query: challenges.cloudflare.com
            Source: global trafficDNS traffic detected: DNS query: 7hdus.ironbridegenyc.com
            Source: global trafficDNS traffic detected: DNS query: aadcdn.msftauth.net
            Source: global trafficDNS traffic detected: DNS query: portal.microsoftonline.com
            Source: global trafficDNS traffic detected: DNS query: autologon.microsoftazuread-sso.com
            Source: global trafficDNS traffic detected: DNS query: identity.nel.measure.office.net
            Source: unknownHTTP traffic detected: POST /report/v4?s=pBvZTdUci22BeZHdJ6GKLTpyH6zphfUMgZcTtercgdDQrM41FQtb4VpszVHnSRGfKxd3llCGa3qiEJHPtW08TRfDVaHnBq92hUaFWlznCb%2FFpJZttaW9joiZNRh93ix%2B%2FxLWDA%3D%3D HTTP/1.1Host: a.nel.cloudflare.comConnection: keep-aliveContent-Length: 631Content-Type: application/reports+jsonUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 03 Mar 2025 21:05:29 GMTContent-Type: text/html; charset=UTF-8Transfer-Encoding: chunkedConnection: closeexpires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: max-age=14400, must-revalidatelink: <https://tippingtrends.com/wp-json/>; rel="https://api.w.org/"vary: Accept-Encodingx-turbo-charged-by: LiteSpeedCF-Cache-Status: EXPIREDReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBvZTdUci22BeZHdJ6GKLTpyH6zphfUMgZcTtercgdDQrM41FQtb4VpszVHnSRGfKxd3llCGa3qiEJHPtW08TRfDVaHnBq92hUaFWlznCb%2FFpJZttaW9joiZNRh93ix%2B%2FxLWDA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 91ac17976a684b06-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=2025&min_rtt=2020&rtt_var=761&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2842&recv_bytes=1374&delivery_rate=1445544&cwnd=89&unsent_bytes=0&cid=dbb7305d0705b768&ts=936&x=0"
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Mon, 03 Mar 2025 21:05:30 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeCache-Control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachex-turbo-charged-by: LiteSpeedcf-cache-status: BYPASSReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hncUXiSY5Fe0Kla3xtfbtlDcNrpT8ta79hk3bWjkyKlMQZvXOoEciZHE1O2Ju51czYP6zZB96z96zNS765dYOfMJxDrukVhFm2sEVTMkeZL3k%2FxbzpS8j3nkJNrTB6scsxgh1g%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 91ac17a319a5438d-EWRalt-svc: h3=":443"; ma=86400server-timing: cfL4;desc="?proto=TCP&rtt=1592&min_rtt=1586&rtt_var=608&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2840&recv_bytes=1347&delivery_rate=1781574&cwnd=227&unsent_bytes=0&cid=941c84baa3ba87a1&ts=387&x=0"
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 09902852-f01e-0014-147f-8c1ca1000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:05 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035965.d12434e5Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:06 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035966.d1244b0eStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-store, no-cacheContent-Length: 1245Content-Type: text/htmlSet-Cookie: s.SessID=33987534-5692-42e6-8cce-bc4f7e1bb2a2; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: s.SessID=33987534-5692-42e6-8cce-bc4f7e1bb2a2; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: x-portal-routekey=eus; path=/; secure; HttpOnlyx-ms-correlation-id: 13985a50-5611-41b1-87b5-69ac58c916f9X-Content-Type-Options: nosniffX-UA-Compatible: IE=EdgeX-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 89EAAD98F23E403F84440BCD18230A4B Ref B: EWR311000103011 Ref C: 2025-03-03T21:06:06ZDate: Mon, 03 Mar 2025 21:06:06 GMTConnection: close
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 8a288ad8-001e-0088-0180-8c646e000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:06 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035966.d1244b05Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:07 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035966.d1244b92Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 99f209cd-d01e-009b-597f-8c4062000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:08 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035968.d1247a9fStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:08 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035968.d1247ae8Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:08 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035968.d1247aebStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 9132c095-401e-0073-1f7f-8c0c5d000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:10 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035970.d124a1cbStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:12 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035972.d124e84dStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:12 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741035972.d124e871Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:42 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036002.d127e8dcStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: a77a5069-c01e-00c1-4a80-8c6dce000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:42 GMTConnection: closeAkamai-GRN: 0.d6df3517.1741036002.959b0530Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:54 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036014.d1292bbdStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:06:54 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036014.d1292bc4Strict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: bb2a181d-601e-0013-027f-8cee20000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:07:09 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036029.d12ac51aStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not Foundcontent-length: 829Content-Type: text/htmlx-ms-error-code: WebContentNotFoundx-ms-request-id: 82e64a30-501e-0085-0d80-8cacba000000x-ms-version: 2018-03-28Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,x-ms-error-code,x-ms-request-id,x-ms-versionAccess-Control-Allow-Origin: *Date: Mon, 03 Mar 2025 21:07:09 GMTConnection: closeAkamai-GRN: 0.c8df3517.1741036029.d12ac59fStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINContent-Security-Policy: default-src * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors * http://* https://* file://* about: javascript: data: blob:; connect-src * data: blob: 'unsafe-inline'
            Source: unknownNetwork traffic detected: HTTP traffic on port 52269 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52118
            Source: unknownNetwork traffic detected: HTTP traffic on port 52028 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52108 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 51998 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52011 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52079
            Source: unknownNetwork traffic detected: HTTP traffic on port 52252 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52116
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52117
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52115
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52082
            Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 51990 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52080
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52081
            Source: unknownNetwork traffic detected: HTTP traffic on port 52172 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52255 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52037 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52186 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52266 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52140 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52249 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52161 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52003
            Source: unknownNetwork traffic detected: HTTP traffic on port 52178 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52248
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52249
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52004
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52247
            Source: unknownNetwork traffic detected: HTTP traffic on port 52017 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52130
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52251
            Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52010
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52252
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52250
            Source: unknownNetwork traffic detected: HTTP traffic on port 52263 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
            Source: unknownNetwork traffic detected: HTTP traffic on port 52189 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
            Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52158 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52116 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52141 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52248 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52003 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52160 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52255
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52256
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52011
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52132
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52253
            Source: unknownNetwork traffic detected: HTTP traffic on port 52045 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52133
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52254
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52017
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52259
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52018
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52139
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52257
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52258
            Source: unknownNetwork traffic detected: HTTP traffic on port 52257 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52102 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52141
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52262
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52263
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52140
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52261
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
            Source: unknownNetwork traffic detected: HTTP traffic on port 52180 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52132 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
            Source: unknownNetwork traffic detected: HTTP traffic on port 52201 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
            Source: unknownNetwork traffic detected: HTTP traffic on port 52033 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52163 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52268 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52024
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52145
            Source: unknownNetwork traffic detected: HTTP traffic on port 52251 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52266
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52025
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52267
            Source: unknownNetwork traffic detected: HTTP traffic on port 52025 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52194 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52264
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52265
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52028
            Source: unknownNetwork traffic detected: HTTP traffic on port 52081 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52268
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52027
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52269
            Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52152
            Source: unknownNetwork traffic detected: HTTP traffic on port 52254 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52152 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52118 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
            Source: unknownNetwork traffic detected: HTTP traffic on port 52162 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
            Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52265 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52133 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52024 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52033
            Source: unknownNetwork traffic detected: HTTP traffic on port 52082 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52037
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52158
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52159
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52160
            Source: unknownNetwork traffic detected: HTTP traffic on port 52018 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52163
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52164
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52161
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52162
            Source: unknownNetwork traffic detected: HTTP traffic on port 52259 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52073 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52050 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52130 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52262 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52056 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52188 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52079 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51997
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51998
            Source: unknownNetwork traffic detected: HTTP traffic on port 52027 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52115 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52010 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51991
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52201
            Source: unknownNetwork traffic detected: HTTP traffic on port 52062 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51990
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52045
            Source: unknownNetwork traffic detected: HTTP traffic on port 52253 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52202
            Source: unknownNetwork traffic detected: HTTP traffic on port 51991 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52050
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52171
            Source: unknownNetwork traffic detected: HTTP traffic on port 52256 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52171 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52051
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52172
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52173
            Source: unknownNetwork traffic detected: HTTP traffic on port 52080 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52051 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52139 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52164 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52267 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52178
            Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52250 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52056
            Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52180
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52186
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52062
            Source: unknownNetwork traffic detected: HTTP traffic on port 52264 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52108
            Source: unknownNetwork traffic detected: HTTP traffic on port 52159 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52247 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52117 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52004 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 51997 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52189
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52102
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52188
            Source: unknownNetwork traffic detected: HTTP traffic on port 52173 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52073
            Source: unknownNetwork traffic detected: HTTP traffic on port 52145 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52194
            Source: unknownNetwork traffic detected: HTTP traffic on port 52258 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52202 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
            Source: unknownNetwork traffic detected: HTTP traffic on port 52261 -> 443
            Source: classification engineClassification label: mal64.phis.win@23/26@40/259
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Program Files\Google\Chrome\Application\Dictionaries
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1960,i,13785926482354976962,18307201810808027648,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c"
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=1960,i,13785926482354976962,18307201810808027648,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
            Source: Window RecorderWindow detected: More than 3 window changes detected
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeDirectory created: C:\Program Files\Google\Chrome\Application\Dictionaries
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
            Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
            Gather Victim Identity InformationAcquire Infrastructure1
            Drive-by Compromise
            Windows Management Instrumentation1
            Browser Extensions
            1
            Process Injection
            3
            Masquerading
            OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
            Encrypted Channel
            Exfiltration Over Other Network MediumAbuse Accessibility Features
            CredentialsDomainsDefault AccountsScheduled Task/Job1
            Registry Run Keys / Startup Folder
            1
            Registry Run Keys / Startup Folder
            1
            Process Injection
            LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
            Non-Application Layer Protocol
            Exfiltration Over BluetoothNetwork Denial of Service
            Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
            Web Protocols
            Automated ExfiltrationData Encrypted for Impact
            Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture5
            Application Layer Protocol
            Traffic DuplicationData Destruction
            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA SecretsInternet Connection DiscoverySSHKeylogging3
            Ingress Tool Transfer
            Scheduled TransferData Encrypted for Impact

            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


            windows-stand
            SourceDetectionScannerLabelLink
            https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c0%Avira URL Cloudsafe
            No Antivirus matches
            No Antivirus matches
            No Antivirus matches
            SourceDetectionScannerLabelLink
            https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c0%Avira URL Cloudsafe
            https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend0%Avira URL Cloudsafe
            https://a.nel.cloudflare.com/report/v4?s=pBvZTdUci22BeZHdJ6GKLTpyH6zphfUMgZcTtercgdDQrM41FQtb4VpszVHnSRGfKxd3llCGa3qiEJHPtW08TRfDVaHnBq92hUaFWlznCb%2FFpJZttaW9joiZNRh93ix%2B%2FxLWDA%3D%3D0%Avira URL Cloudsafe
            https://tippingtrends.com/favicon.ico0%Avira URL Cloudsafe
            https://tippingtrends.com/.oauth/res/img/micror434wfewf45fgv.png0%Avira URL Cloudsafe
            https://043d2f62.sgallager.workers.dev/favicon.ico0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp10%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=91ac18236fc914ed&lang=auto0%Avira URL Cloudsafe
            https://cdn.jsdelivr.net/gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.js0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/91ac18236fc914ed/1741035952275/4a664d95cb431d4be1c970de71285b9ce9a95833628fff65c62b65e215d7e34c/Iu4RN_C6JmkHk5I0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqx0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.js0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.js0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovLzdoZHVzLmlyb25icmlkZWdlbnljLmNvbS8iLCJkb21haW4iOiI3aGR1cy5pcm9uYnJpZGVnZW55Yy5jb20iLCJrZXkiOiJkT05yaUpRTUdaMGgiLCJyZWYiOiJqb2Vkb25hbGRAZWxwYXNvdGV4YXMuZ292IiwiaWF0IjoxNzQxMDM1OTYxLCJleHAiOjE3NDEwMzYwODF9.j1WBTXs47ESAH4oSHbnAvYk7XQWnqPaC4uvHFnc_4F0&ref=joedonald@elpasotexas.gov0%Avira URL Cloudsafe
            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/91ac18236fc914ed/1741035952275/rOUa4dSN2QXxaA90%Avira URL Cloudsafe
            https://autologon.microsoftazuread-sso.com/elpasotexas.gov/winauth/ssoprobe?client-request-id=88929da1-09f5-42fd-8ed1-249f292a4f14&_=17410359664600%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/common/instrumentation/dssostatus0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg0%Avira URL Cloudsafe
            https://a.nel.cloudflare.com/report/v4?s=hncUXiSY5Fe0Kla3xtfbtlDcNrpT8ta79hk3bWjkyKlMQZvXOoEciZHE1O2Ju51czYP6zZB96z96zNS765dYOfMJxDrukVhFm2sEVTMkeZL3k%2FxbzpS8j3nkJNrTB6scsxgh1g%3D%3D0%Avira URL Cloudsafe
            https://7hdus.ironbridegenyc.com/common/GetCredentialType?mkt=en-US0%Avira URL Cloudsafe
            NameIPActiveMaliciousAntivirus DetectionReputation
            jsdelivr.map.fastly.net
            151.101.129.229
            truefalse
              high
              a.nel.cloudflare.com
              35.190.80.1
              truefalse
                high
                e329293.dscd.akamaiedge.net
                92.123.12.174
                truefalse
                  high
                  r.clickwise.net
                  206.189.245.37
                  truetrue
                    unknown
                    tippingtrends.com
                    172.67.140.82
                    truetrue
                      unknown
                      7hdus.ironbridegenyc.com
                      173.255.214.149
                      truefalse
                        unknown
                        b-0004.b-msedge.net
                        13.107.6.156
                        truefalse
                          high
                          s-part-0039.t-0009.t-msedge.net
                          13.107.246.67
                          truefalse
                            high
                            a1894.dscb.akamai.net
                            88.221.110.225
                            truefalse
                              high
                              cck.soundestlink.com
                              104.18.42.178
                              truetrue
                                unknown
                                autologon.microsoftazuread-sso.com
                                20.190.159.2
                                truefalse
                                  high
                                  043d2f62.sgallager.workers.dev
                                  104.21.84.142
                                  truetrue
                                    unknown
                                    challenges.cloudflare.com
                                    104.18.95.41
                                    truefalse
                                      high
                                      www.google.com
                                      172.217.18.4
                                      truefalse
                                        high
                                        cdn.jsdelivr.net
                                        unknown
                                        unknownfalse
                                          high
                                          aadcdn.msftauth.net
                                          unknown
                                          unknownfalse
                                            high
                                            portal.microsoftonline.com
                                            unknown
                                            unknownfalse
                                              high
                                              identity.nel.measure.office.net
                                              unknown
                                              unknownfalse
                                                high
                                                NameMaliciousAntivirus DetectionReputation
                                                https://043d2f62.sgallager.workers.dev/favicon.icofalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.jsfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://7hdus.ironbridegenyc.com/index.html//?uuq_tgnqcf=vtwg&tgh=lqgfqpcnf%62gnrcuqvgzcu.iqxfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/91ac18236fc914ed/1741035952275/4a664d95cb431d4be1c970de71285b9ce9a95833628fff65c62b65e215d7e34c/Iu4RN_C6JmkHk5Ifalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://7hdus.ironbridegenyc.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovLzdoZHVzLmlyb25icmlkZWdlbnljLmNvbS8iLCJkb21haW4iOiI3aGR1cy5pcm9uYnJpZGVnZW55Yy5jb20iLCJrZXkiOiJkT05yaUpRTUdaMGgiLCJyZWYiOiJqb2Vkb25hbGRAZWxwYXNvdGV4YXMuZ292IiwiaWF0IjoxNzQxMDM1OTYxLCJleHAiOjE3NDEwMzYwODF9.j1WBTXs47ESAH4oSHbnAvYk7XQWnqPaC4uvHFnc_4F0&ref=joedonald@elpasotexas.govfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://autologon.microsoftazuread-sso.com/elpasotexas.gov/winauth/ssoprobe?client-request-id=88929da1-09f5-42fd-8ed1-249f292a4f14&_=1741035966460false
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.cssfalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://tippingtrends.com/favicon.icofalse
                                                • Avira URL Cloud: safe
                                                unknown
                                                https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311cfalse
                                                  unknown
                                                  https://a.nel.cloudflare.com/report/v4?s=pBvZTdUci22BeZHdJ6GKLTpyH6zphfUMgZcTtercgdDQrM41FQtb4VpszVHnSRGfKxd3llCGa3qiEJHPtW08TRfDVaHnBq92hUaFWlznCb%2FFpJZttaW9joiZNRh93ix%2B%2FxLWDA%3D%3Dfalse
                                                  • Avira URL Cloud: safe
                                                  unknown
                                                  https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallbackfalse
                                                    high
                                                    https://portal.microsoftonline.com/Prefetch/Prefetch.aspxfalse
                                                      high
                                                      https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svgfalse
                                                      • Avira URL Cloud: safe
                                                      unknown
                                                      https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1false
                                                        high
                                                        https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svgfalse
                                                        • Avira URL Cloud: safe
                                                        unknown
                                                        https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.govtrue
                                                          unknown
                                                          https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1556917423:1741033563:0hEK1yvXCN2rl_cG1gND-pUF0kSvJIBCuVbzL32nsXM/91ac18236fc914ed/2d5RZUdc4eWhsQ1tQ8Dlux42XQSeBYRNJ_ESiMgr_94-1741035950-1.1.1.1-hQUEtTBp6_XzQBSkGZWAV95ADPYgVq6Wg3neAzsXyNQJiXfTczJzCQIihZIp2bp1false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.jsfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.jsfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=91ac18236fc914ed&lang=autofalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.jsfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svgfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311ctrue
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/common/GetCredentialType?mkt=en-USfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.giffalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisendtrue
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://cdn.jsdelivr.net/gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.jsfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://a.nel.cloudflare.com/report/v4?s=hncUXiSY5Fe0Kla3xtfbtlDcNrpT8ta79hk3bWjkyKlMQZvXOoEciZHE1O2Ju51czYP6zZB96z96zNS765dYOfMJxDrukVhFm2sEVTMkeZL3k%2FxbzpS8j3nkJNrTB6scsxgh1g%3D%3Dfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://tippingtrends.com/.oauth/res/img/micror434wfewf45fgv.pngfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.giffalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://7hdus.ironbridegenyc.com/common/instrumentation/dssostatusfalse
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/91ac18236fc914ed/1741035952275/rOUa4dSN2QXxaA9false
                                                          • Avira URL Cloud: safe
                                                          unknown
                                                          https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2false
                                                            high
                                                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/vvos7/0x4AAAAAAA_C6Y_bz4MO19Rc/auto/fbE/new/normal/auto/false
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.jsfalse
                                                            • Avira URL Cloud: safe
                                                            unknown
                                                            https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+wstfalse
                                                              high
                                                              https://challenges.cloudflare.com/turnstile/v0/b/b0e4a89976ce/api.jsfalse
                                                                high
                                                                • No. of IPs < 25%
                                                                • 25% < No. of IPs < 50%
                                                                • 50% < No. of IPs < 75%
                                                                • 75% < No. of IPs
                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                13.107.6.156
                                                                b-0004.b-msedge.netUnited States
                                                                8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                104.18.42.178
                                                                cck.soundestlink.comUnited States
                                                                13335CLOUDFLARENETUStrue
                                                                151.101.129.229
                                                                jsdelivr.map.fastly.netUnited States
                                                                54113FASTLYUSfalse
                                                                104.18.94.41
                                                                unknownUnited States
                                                                13335CLOUDFLARENETUSfalse
                                                                142.251.40.206
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                142.250.185.202
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                173.255.214.149
                                                                7hdus.ironbridegenyc.comUnited States
                                                                63949LINODE-APLinodeLLCUSfalse
                                                                35.190.80.1
                                                                a.nel.cloudflare.comUnited States
                                                                15169GOOGLEUSfalse
                                                                172.67.140.82
                                                                tippingtrends.comUnited States
                                                                13335CLOUDFLARENETUStrue
                                                                142.250.184.195
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                1.1.1.1
                                                                unknownAustralia
                                                                13335CLOUDFLARENETUSfalse
                                                                108.177.15.84
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                92.123.12.174
                                                                e329293.dscd.akamaiedge.netEuropean Union
                                                                16625AKAMAI-ASUSfalse
                                                                172.217.18.4
                                                                www.google.comUnited States
                                                                15169GOOGLEUSfalse
                                                                172.217.18.3
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                142.250.185.110
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                104.18.95.41
                                                                challenges.cloudflare.comUnited States
                                                                13335CLOUDFLARENETUSfalse
                                                                216.58.206.68
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                142.250.185.170
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                104.21.84.142
                                                                043d2f62.sgallager.workers.devUnited States
                                                                13335CLOUDFLARENETUStrue
                                                                239.255.255.250
                                                                unknownReserved
                                                                unknownunknownfalse
                                                                20.190.159.2
                                                                autologon.microsoftazuread-sso.comUnited States
                                                                8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                142.250.185.174
                                                                unknownUnited States
                                                                15169GOOGLEUSfalse
                                                                206.189.245.37
                                                                r.clickwise.netUnited States
                                                                14061DIGITALOCEAN-ASNUStrue
                                                                40.126.31.0
                                                                unknownUnited States
                                                                8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                88.221.110.225
                                                                a1894.dscb.akamai.netEuropean Union
                                                                20940AKAMAI-ASN1EUfalse
                                                                IP
                                                                192.168.2.17
                                                                192.168.2.16
                                                                Joe Sandbox version:42.0.0 Malachite
                                                                Analysis ID:1628517
                                                                Start date and time:2025-03-03 22:04:49 +01:00
                                                                Joe Sandbox product:CloudBasic
                                                                Overall analysis duration:
                                                                Hypervisor based Inspection enabled:false
                                                                Report type:full
                                                                Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                Sample URL:https://r.clickwise.net/pap?k=1608105173.576&b=&a=59c203522ac2d&u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c
                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                Number of analysed new started processes analysed:13
                                                                Number of new started drivers analysed:0
                                                                Number of existing processes analysed:0
                                                                Number of existing drivers analysed:0
                                                                Number of injected processes analysed:0
                                                                Technologies:
                                                                • EGA enabled
                                                                Analysis Mode:stream
                                                                Analysis stop reason:Timeout
                                                                Detection:MAL
                                                                Classification:mal64.phis.win@23/26@40/259
                                                                • Exclude process from analysis (whitelisted): svchost.exe
                                                                • Excluded IPs from analysis (whitelisted): 142.250.184.195, 142.250.185.110, 108.177.15.84, 142.250.184.238, 142.250.186.110, 142.250.185.202, 216.58.212.170, 142.250.186.106, 142.250.186.138, 172.217.23.106, 142.250.185.106, 142.250.185.234, 216.58.206.74, 142.250.186.170, 172.217.16.202, 142.250.181.234, 216.58.206.42, 142.250.185.170, 142.250.185.74, 142.250.186.74, 142.250.186.42, 142.250.185.238
                                                                • Excluded domains from analysis (whitelisted): clients2.google.com, accounts.google.com, redirector.gvt1.com, content-autofill.googleapis.com, clientservices.googleapis.com, clients.l.google.com
                                                                • Not all processes where analyzed, report is missing behavior information
                                                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                • VT rate limit hit for: https://r.clickwise.net/pap?k=1608105173.576&amp;b=&amp;a=59c203522ac2d&amp;u=https://cck.soundestlink.com/ce/c/67bef534ae22ecb432c3d1e3/67c5c41e194c9434286453ad/67c5c4385cb1777757b8e775?signature=3baa54ea59dc991acfde7bc84f6d0ec73c999e9aace33fb1b44378837c35311c
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 3 20:05:24 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                Category:dropped
                                                                Size (bytes):2673
                                                                Entropy (8bit):3.9898030231322954
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:A4D3B532A1C152A7A2A60EF6827C6762
                                                                SHA1:0685AD74C6C933A2B59433C8D2712661E8DD4F87
                                                                SHA-256:C0A1AF9751489FAA1D8728C6A9C6B19699DB9C16ADCAF58DAD92C16FBA630A3C
                                                                SHA-512:5E243DA8F3040929BB6E537F546A59F7DFA61A0194A6AFE94DD21BBC5C9A5A25B3C7F423E79109295D9D5DB433CDC4793CDAFC09C86264B4761CDA2CA45D2364
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:L..................F.@.. ...$+.,.....V5.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IcZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VcZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VcZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VcZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VcZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 3 20:05:24 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                Category:dropped
                                                                Size (bytes):2675
                                                                Entropy (8bit):4.006029173513351
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:08CEB46AB55EFE064ECE86E96B105A0B
                                                                SHA1:AC776D29BCC88D5E6A8105FB14CC8C1BE5CADDB0
                                                                SHA-256:AD43C5A3A0D9077528AB9E344C9D572671A0C259709749C9E0F566B738D91A01
                                                                SHA-512:10EA09B39CE2C32E1B26D1A0E000EDFD548C323DE702CAD2D51A1541F9D3B9A9B5A0925B61A1E86995C55404D9F14E9241D5919AE55E896D1B9281C28AD0BAF2
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:L..................F.@.. ...$+.,....J.(.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IcZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VcZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VcZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VcZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VcZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                Category:dropped
                                                                Size (bytes):2689
                                                                Entropy (8bit):4.01400616185849
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:1787A89211DDCC5C50F10137791F915F
                                                                SHA1:23BF177E9B9DCA46526100D76930C53B77CFFFB4
                                                                SHA-256:9347DB16CF4F98A175DB6F3EBEE04489B1741A903D22E8A3FD647648C31D211A
                                                                SHA-512:3B3C45BDAF7011F3DD24C42B43B6E5E08FF0CBB3C2B943CEF84B5F8BEAC25600FB90EF5D2206BE2C536A060DA69955DF7CA62BD524A10449025B6F6F38839FD6
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IcZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VcZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VcZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VcZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 3 20:05:23 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                Category:dropped
                                                                Size (bytes):2677
                                                                Entropy (8bit):4.002705992384162
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:BCB967C6675B994B430AA1FF92FD6B75
                                                                SHA1:EF8096BAC7E7289442B664BDE29531434FFED787
                                                                SHA-256:25054F635304968B718FB194FC7324285662CA6712AA2CE6F8027EC3277E1169
                                                                SHA-512:FE5B2396B2A4005C75E518D008A4A6EEC06A673504A7E05C48A3903A4981E951FE769BF34E2FF9A73EFAFC985DEE7350887DEC45FF6FACF6838787504E4148A0
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:L..................F.@.. ...$+.,....nC".....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IcZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VcZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VcZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VcZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VcZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 3 20:05:24 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                Category:dropped
                                                                Size (bytes):2677
                                                                Entropy (8bit):3.9923157006229006
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:2AE8C557E21BFA364C8E2D1A69C74B5D
                                                                SHA1:1C66BAE667C2F464C2AA7297ABCF97A1A48D8D0C
                                                                SHA-256:A1E1F81F36425F484457496ADA9B6D59F1683C6C2F8D61FC9AF42D9F1B1370DA
                                                                SHA-512:30042656CFB815916AB92644B63D570731EC340B61A453A44C2E6C57A39AFCBC8A8A8844D161031F790613C4D64CB3C5F5BB646B58F8D85B16F2D9E8AB5F96E7
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:L..................F.@.. ...$+.,....../.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IcZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VcZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VcZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VcZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VcZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Mar 3 20:05:23 2025, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                Category:dropped
                                                                Size (bytes):2679
                                                                Entropy (8bit):4.00114546483417
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:AA2E8E14C991D4B1FE1864E7B15FCF2A
                                                                SHA1:14CB39A7486C3F795E00A7833E02FE2390561DC9
                                                                SHA-256:2A6A91975A1CD20B6CC539C9E75748E4F00AA647E25EB86DA5B3518352881634
                                                                SHA-512:F414AFBC39619F95B1FF5EB23B4C30E6ADE7DA9287E13D765A778932A35D6A1097208E633DA365E8581E2781B2B3EA666AC87060BCA1F04705765B742830AC94
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:L..................F.@.. ...$+.,....Tn......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.IcZ......B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VcZ......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VcZ......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VcZ............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VcZ.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i....................C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):16
                                                                Entropy (8bit):3.625
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:2824F3BA5F591CD0F71B7F459AD29AE5
                                                                SHA1:65369608C6BD54AC4C703B6904D17D7D759878BE
                                                                SHA-256:0C0A807545A0344B360C0F692D284799A2447310C7A9AACF3CB92C22D13E906A
                                                                SHA-512:C1C3FFD34A4E9131B0F68CF6A2A35B62994D55332D18BA06E3464C213D4245B6C89DD55E797317078A3705E265D65AC232E042C8BB9531F65871659EE4DA50DD
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkJttR6Dn8PLRIFDXCu2Qk=?alt=proto
                                                                Preview:CgkKBw1wrtkJGgA=
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (829), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):829
                                                                Entropy (8bit):5.712891217473592
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:A18D0C8B010138434B7531A76A936AB8
                                                                SHA1:569ABC55D1A469FCB1AF83295A369D67EBC25EF4
                                                                SHA-256:24D8C0CE50204EF008676B74D09A4BAD8751D581864533379946E370D69C3A1A
                                                                SHA-512:A1C18F6E6588EEA2BF17CE8164D7CA05DD20211EB20D6A12A11FBEDCC259CFF968590F2BA9076469527B0CAD24267621CDC7E51A31BE5ABFE9CE5983E2994489
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
                                                                Preview:<!DOCTYPE html><html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo="></script><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : 82e64a30-501e-0085-0d80-8cacba000000</li><li>TimeStamp : 2025-03-03T21:06:07.2273195Z</li></ul></p></body></html>
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:SVG Scalable Vector Graphics image
                                                                Category:downloaded
                                                                Size (bytes):3651
                                                                Entropy (8bit):4.094801914706141
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:EE5C8D9FB6248C938FD0DC19370E90BD
                                                                SHA1:D01A22720918B781338B5BBF9202B241A5F99EE4
                                                                SHA-256:04D29248EE3A13A074518C93A18D6EFC491BF1F298F9B87FC989A6AE4B9FAD7A
                                                                SHA-512:C77215B729D0E60C97F075998E88775CD0F813B4D094DC2FDD13E5711D16F4E5993D4521D0FBD5BF7150B0DBE253D88B1B1FF60901F053113C5D7C1919852D58
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
                                                                Preview:<svg xmlns="http://www.w3.org/2000/svg" width="108" height="24" viewBox="0 0 108 24"><title>assets</title><path d="M44.836,4.6V18.4h-2.4V7.583H42.4L38.119,18.4H36.531L32.142,7.583h-.029V18.4H29.9V4.6h3.436L37.3,14.83h.058L41.545,4.6Zm2,1.049a1.268,1.268,0,0,1,.419-.967,1.413,1.413,0,0,1,1-.39,1.392,1.392,0,0,1,1.02.4,1.3,1.3,0,0,1,.4.958,1.248,1.248,0,0,1-.414.953,1.428,1.428,0,0,1-1.01.385A1.4,1.4,0,0,1,47.25,6.6a1.261,1.261,0,0,1-.409-.948M49.41,18.4H47.081V8.507H49.41Zm7.064-1.694a3.213,3.213,0,0,0,1.145-.241,4.811,4.811,0,0,0,1.155-.635V18a4.665,4.665,0,0,1-1.266.481,6.886,6.886,0,0,1-1.554.164,4.707,4.707,0,0,1-4.918-4.908,5.641,5.641,0,0,1,1.4-3.932,5.055,5.055,0,0,1,3.955-1.545,5.414,5.414,0,0,1,1.324.168,4.431,4.431,0,0,1,1.063.39v2.233a4.763,4.763,0,0,0-1.1-.611,3.184,3.184,0,0,0-1.15-.217,2.919,2.919,0,0,0-2.223.9,3.37,3.37,0,0,0-.847,2.416,3.216,3.216,0,0,0,.813,2.338,2.936,2.936,0,0,0,2.209.837M65.4,8.343a2.952,2.952,0,0,1,.5.039,2.1,2.1,0,0,1,.375.1v2.358a2.04,2.04,0,0,0-.
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (829), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):829
                                                                Entropy (8bit):5.711453861286557
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:65192CDDCF43BF5ADD2A605F088BFB3F
                                                                SHA1:BB9F9BF9BA0A90F1D1A2CECCCFFC63BCFBD45A69
                                                                SHA-256:1E8946D43BB41CCF8906614F335FE9242A17DB8B5B35F9FB917A6F891FF51A22
                                                                SHA-512:018EC88490181C9341691ECD59699BA12919D9431AE1B43C59F8316BC008909B2D7B1FCD1E123C53241658929296E650998C32AF3AC9D47B229E3DDC2D696816
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
                                                                Preview:<!DOCTYPE html><html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo="></script><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : bb2a181d-601e-0013-027f-8cee20000000</li><li>TimeStamp : 2025-03-03T21:00:21.3596749Z</li></ul></p></body></html>
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with very long lines (3937)
                                                                Category:dropped
                                                                Size (bytes):5270
                                                                Entropy (8bit):5.474400542516616
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:7B30772ECC161EDE21216D4430829ACB
                                                                SHA1:1323174C192B1E970C4D8AD2D0E95032364C09C6
                                                                SHA-256:4CABA20287EBAA975B3F24090C94A9CAEA10C880B692AC654456900D23996757
                                                                SHA-512:8BC650C655F67F2D9F56503F3E45051F066C03C51ED8F46DF018D2DA9F0B87734199DE51E1A3366D71DBD6823E64B71F75F81BDA62D3282B79A4D3234E5B2FDF
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:/*!. *. * detectIncognito v1.3.7. *. * https://github.com/Joe12387/detectIncognito. *. * MIT License. *. * Copyright (c) 2021 - 2025 Joe Rutkowski <Joe@dreggle.com>. *. * Permission is hereby granted, free of charge, to any person obtaining a copy. * of this software and associated documentation files (the "Software"), to deal. * in the Software without restriction, including without limitation the rights. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell. * copies of the Software, and to permit persons to whom the Software is. * furnished to do so, subject to the following conditions:. *. * The above copyright notice and this permission notice shall be included in all. * copies or substantial portions of the Software.. *. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE. * AUTHOR
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:SVG Scalable Vector Graphics image
                                                                Category:downloaded
                                                                Size (bytes):1864
                                                                Entropy (8bit):5.222032823730197
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:BC3D32A696895F78C19DF6C717586A5D
                                                                SHA1:9191CB156A30A3ED79C44C0A16C95159E8FF689D
                                                                SHA-256:0E88B6FCBB8591EDFD28184FA70A04B6DD3AF8A14367C628EDD7CABA32E58C68
                                                                SHA-512:8D4F38907F3423A86D90575772B292680F7970527D2090FC005F9B096CC81D3F279D59AD76EAFCA30C3D4BBAF2276BBAA753E2A46A149424CF6F1C319DED5A64
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
                                                                Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1920" height="1080" fill="none"><g opacity=".2" clip-path="url(#E)"><path d="M1466.4 1795.2c950.37 0 1720.8-627.52 1720.8-1401.6S2416.77-1008 1466.4-1008-254.4-380.482-254.4 393.6s770.428 1401.6 1720.8 1401.6z" fill="url(#A)"/><path d="M394.2 1815.6c746.58 0 1351.8-493.2 1351.8-1101.6S1140.78-387.6 394.2-387.6-957.6 105.603-957.6 714-352.38 1815.6 394.2 1815.6z" fill="url(#B)"/><path d="M1548.6 1885.2c631.92 0 1144.2-417.45 1144.2-932.4S2180.52 20.4 1548.6 20.4 404.4 437.85 404.4 952.8s512.276 932.4 1144.2 932.4z" fill="url(#C)"/><path d="M265.8 1215.6c690.246 0 1249.8-455.595 1249.8-1017.6S956.046-819.6 265.8-819.6-984-364.005-984 198-424.445 1215.6 265.8 1215.6z" fill="url(#D)"/></g><defs><radialGradient id="A" cx="0" cy="0" r="1" gradientUnits="userSpaceOnUse" gradientTransform="translate(1466.4 393.6) rotate(90) scale(1401.6 1720.8)"><stop stop-color="#107c10"/><stop offset="1" stop-color="#c4c4c4" stop-opacity="0"/></radialGradient><r
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text
                                                                Category:dropped
                                                                Size (bytes):2369
                                                                Entropy (8bit):4.679475824621352
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:7026872245E83DB9CBA1C13BEA09B1D9
                                                                SHA1:57ADBEB4BEC21860F761B9447F29FBF0D07EB2EA
                                                                SHA-256:F7F49DB2598F6E63ED9A97F922F769963D76E0B720E3F20A3F4CD1A45AE0652E
                                                                SHA-512:97C7759FA65BC32C2BEA059D244388F7FD9C198A62538C839BEE2586E6840B66208E8B35A642ABF522F085A6A8E73087921FA3069ACBD07F97253DAD7ACB8711
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:<!doctype html>.<html lang="en-US">.<head>. <meta charset="utf-8">. <meta name="viewport" content="width=device-width, initial-scale=1">. <title>One more step before you proceed...</title>. <script src="https://cdn.jsdelivr.net/gh/Joe12387/detectIncognito@main/dist/es5/detectIncognito.min.js"></script>. <script async defer src="https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback"></script>. <script>. let isPrivateMode = false;.. // Check only for Chrome incognito. detectIncognito().then((result) => {. isPrivateMode = (result.browserName === 'Chrome' && result.isPrivate);. console.log('Is Chrome Incognito:', isPrivateMode);. });.. var verifyCallback_CF = function(response) {. if (response && response.length > 10) {. var cfForm = document.querySelector("#cfForm");. cfForm.querySelector('input[name="chromeIncognito"]').value = isPrivateMode ?
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text
                                                                Category:downloaded
                                                                Size (bytes):689016
                                                                Entropy (8bit):4.210696031972732
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:3B72E939A304CE05F0CEAB4A0AC39DD9
                                                                SHA1:B2CFD3CB1BD0EE53C795E040063D0F55F544D939
                                                                SHA-256:CC58721894324D6F6F53B7FE4CB0D08F923AA75E52506C0A58D29E4390B7CEDD
                                                                SHA-512:F4AF43BA51B76496C98A30F06D9903440C4957E18F82B09D2B9C706CAD5939446D8BAA4353FD0620A2F68CEA79878824CD2313594997F0F8403C13FF767E6112
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/ConvergedLogin_PCore_iO_VLhbr8gXvmCnvbzDI7A2.js
                                                                Preview:!(function (e) {. function n(n) {. for (var t, i, o = n[0], r = n[1], s = 0, c = []; s < o.length; s++). (i = o[s]),. Object.prototype.hasOwnProperty.call(a, i) && a[i] && c.push(a[i][0]),. (a[i] = 0);. for (t in r) Object.prototype.hasOwnProperty.call(r, t) && (e[t] = r[t]);. for (d && d(n); c.length; ) c.shift()();. }. var t,. i = {},. a = { 22: 0 };. function o(n) {. if (i[n]) return i[n].exports;. var t = (i[n] = { i: n, l: !1, exports: {} });. return e[n].call(t.exports, t, t.exports, o), (t.l = !0), t.exports;. }. Function.prototype.bind ||. ((t = Array.prototype.slice),. (Function.prototype.bind = function (e) {. if ("function" != typeof this). throw new TypeError(. "Function.prototype.bind - what is trying to be bound is not callable". );. var n = t.call(arguments, 1),. i = n.length,. a = this,. o = function () {},. r = function () {. return (.
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:Unicode text, UTF-8 text, with very long lines (32115)
                                                                Category:downloaded
                                                                Size (bytes):58358
                                                                Entropy (8bit):5.370472210041869
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:E7C903BC1642B43264E3C6044DA78A36
                                                                SHA1:36F9DF58AFAC3D3D7938F9E2F9D172BADC7DC797
                                                                SHA-256:49E23C4D945A853CC25FDC0EE587DC3FC3F19F672E0B34A24AC81B4BA43F9C2B
                                                                SHA-512:9E9E645777F6F6592BCB15D28838B5164088945D8985FCABEC0DD58226B86F1A04F23A6FA95F207ACAB5E02B20F501715FF26490ABDD067049C6C455D35B58CF
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_58kdvbzctdjk48yetaekng2.js
                                                                Preview:!function(e){function o(n){if(i[n])return i[n].exports;var r=i[n]={exports:{},id:n,loaded:!1};return e[n].call(r.exports,r,r.exports,o),r.loaded=!0,r.exports}var i={};return o.m=e,o.c=i,o.p="",o(0)}([function(e,o,i){i(2);var n=i(1),r=i(5),t=i(6),a=t.StringsVariantId,s=t.AllowedIdentitiesType;n.registerSource("str",function(e,o){if(e.WF_STR_SignupLink_AriaLabel_Text="Create a Microsoft account",e.WF_STR_SignupLink_AriaLabel_Generic_Text="Create a new account",e.CT_STR_CookieBanner_Link_AriaLabel="Learn more about Microsoft's Cookie Policy",e.WF_STR_HeaderDefault_Title=o.iLoginStringsVariantId===a.CombinedSigninSignupV2WelcomeTitle?"Welcome":"Sign in",e.STR_Footer_IcpLicense_Text=".ICP.13015306.-10",o.oAppCobranding&&o.oAppCobranding.friendlyAppName){var i=o.fBreakBrandingSigninString?"to continue to {0}":"Continue to {0}";e.WF_STR_App_Title=r.format(i,o.oAppCobranding.friendlyAppName)}switch(o.oAppCobranding&&o.oAppCobranding.signinDescription&&(e.WF_STR_Default_Desc=o.oAppCobrand
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (3445), with CRLF line terminators
                                                                Category:downloaded
                                                                Size (bytes):3447
                                                                Entropy (8bit):5.1147634913081745
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:ACDEC8DAD3164FBA20E86D50F1B979F1
                                                                SHA1:0C5FD1CCA5BECDB0080D20E6A90CCD91BC0D5894
                                                                SHA-256:1D2CDE2E778A731CBD158758F735E1BCC2508A8252720D261D94068AFF45AACC
                                                                SHA-512:A9D25D79EDF7BD8D668D5833263461B72B077AD3885A05DE749C7F0326BFC7C8D5D2D967E11FF40E52755211774DEC0E913532BC86AEEEC37B243A213CECEEC1
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://login.live.com/Me.htm?v=3
                                                                Preview:<script type="text/javascript">!function(t,e){for(var s in e)t[s]=e[s]}(this,function(t){function e(n){if(s[n])return s[n].exports;var i=s[n]={exports:{},id:n,loaded:!1};return t[n].call(i.exports,i,i.exports,e),i.loaded=!0,i.exports}var s={};return e.m=t,e.c=s,e.p="",e(0)}([function(t,e){function s(t){for(var e=f[S],s=0,n=e.length;s<n;++s)if(e[s]===t)return!0;return!1}function n(t){if(!t)return null;for(var e=t+"=",s=document.cookie.split(";"),n=0,i=s.length;n<i;n++){var a=s[n].replace(/^\s*(\w+)\s*=\s*/,"$1=").replace(/(\s+$)/,"");if(0===a.indexOf(e))return a.substring(e.length)}return null}function i(t,e,s){if(t)for(var n=t.split(":"),i=null,a=0,r=n.length;a<r;++a){var c=null,S=n[a].split("$");if(0===a&&(i=parseInt(S.shift()),!i))return;var l=S.length;if(l>=1){var p=o(i,S[0]);if(!p||s[p])continue;c={signInName:p,idp:"msa",isSignedIn:!0}}if(l>=3&&(c.firstName=o(i,S[1]),c.lastName=o(i,S[2])),l>=4){var f=S[3],d=f.split("|");c.otherHashedAliases=d}if(l>=5){var h=parseInt(S[4],16);h&&(c.
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (829), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):829
                                                                Entropy (8bit):5.7198527308536224
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:A8D8D84BC7D1E9380B77962216D4896D
                                                                SHA1:06BB5BCA518F5ABE3802B7CBC5972C2F988C3261
                                                                SHA-256:AD17E6F4F1B37AD4E93D1805C05FF0791C1FB4BAF1CA3D1D05F08BF21E2794EC
                                                                SHA-512:0B80BDB7303617B4F9569F624BE4B7E18EC29D5E6A2865C3D086EDAB6B29EF017C35CA3D6C9381007CE7BCF5E9E9A0499F8B35658B072B205A5A3129C12F522C
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_80e93b9a4cb13643afca.js
                                                                Preview:<!DOCTYPE html><html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo="></script><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : 99f209cd-d01e-009b-597f-8c4062000000</li><li>TimeStamp : 2025-03-03T21:00:22.0865636Z</li></ul></p></body></html>
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (938), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):938
                                                                Entropy (8bit):5.830839163449463
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:F4A48DF28A65023C7D2DDFBF0B757604
                                                                SHA1:F596883352B5FD4050CEEDD000002328685A1CF3
                                                                SHA-256:536F1DCD4EA35ED8EB981CBCB949A04F1D4BD714F12D121B8D0A7FD14666D2F2
                                                                SHA-512:685697E69C5F86B3E92964DD3DA958DC5D8E69EFE56F396B3D64FC9236598597091754A2F1C93B62961B2363DEF77613BC11FA74B06B74C88C05C9CD3DC07F81
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://043d2f62.sgallager.workers.dev/?ref=joedonald%40elpasotexas.gov
                                                                Preview:<!doctype html><html><head><meta charset="utf-8"></head><body><script>document.write(atob("PCFkb2N0eXBlIGh0bWw+PGh0bWw+PGhlYWQ+PG1ldGEgY2hhcnNldD0idXRmLTgiPjxtZXRhIG5hbWU9InZpZXdwb3J0IiBjb250ZW50PSJ3aWR0aD1kZXZpY2Utd2lkdGgsIGluaXRpYWwtc2NhbGU9MSI+PC9oZWFkPjxib2R5IHN0eWxlPSJtYXJnaW46MDtwYWRkaW5nOjAiPjxpZnJhbWUgc3JjPSJodHRwczovLzdoZHVzLmlyb25icmlkZWdlbnljLmNvbS8/c2lnbj1leUpoYkdjaU9pSklVekkxTmlJc0luUjVjQ0k2SWtwWFZDSjkuZXlKMWNtd2lPaUpvZEhSd2N6b3ZMemRvWkhWekxtbHliMjVpY21sa1pXZGxibmxqTG1OdmJTOGlMQ0prYjIxaGFXNGlPaUkzYUdSMWN5NXBjbTl1WW5KcFpHVm5aVzU1WXk1amIyMGlMQ0pyWlhraU9pSmtUMDV5YVVwUlRVZGFNR2dpTENKeVpXWWlPaUpxYjJWa2IyNWhiR1JBWld4d1lYTnZkR1Y0WVhNdVoyOTJJaXdpYVdGMElqb3hOelF4TURNMU9UWXhMQ0psZUhBaU9qRTNOREV3TXpZd09ERjkuajFXQlRYczQ3RVNBSDRvU0hibkF2WWs3WFFXbnFQYUM0dXZIRm5jXzRGMCZyZWY9am9lZG9uYWxkQGVscGFzb3RleGFzLmdvdiIgc3R5bGU9IndpZHRoOjEwMCU7aGVpZ2h0OjEwMHZoO2JvcmRlcjpub25lOyI+PC9pZnJhbWU+PC9ib2R5PjwvaHRtbD4="));</script></body></html>
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with very long lines (48238)
                                                                Category:downloaded
                                                                Size (bytes):48239
                                                                Entropy (8bit):5.343293551896254
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:781E3D70AD7285932B560AF603AE0CF5
                                                                SHA1:05DCF1FBCD9BE56DC5FC3C2816EF3C0283C59C1B
                                                                SHA-256:F3C3760A932B9639CC554025300C8917E00F4F62E261086F5606C9E3A30D4836
                                                                SHA-512:05411E974DCEFB50C9D20E932C91EFB50093FE815362893C511DCAC94A87B75436FA68301D8682CEBE49F6792BE61E7F39D5D1F0725A43A5D92F9AC17BD9F82C
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://challenges.cloudflare.com/turnstile/v0/b/b0e4a89976ce/api.js
                                                                Preview:"use strict";(function(){function Ht(e,t,a,o,c,l,v){try{var h=e[l](v),s=h.value}catch(p){a(p);return}h.done?t(s):Promise.resolve(s).then(o,c)}function qt(e){return function(){var t=this,a=arguments;return new Promise(function(o,c){var l=e.apply(t,a);function v(s){Ht(l,o,c,v,h,"next",s)}function h(s){Ht(l,o,c,v,h,"throw",s)}v(void 0)})}}function V(e,t){return t!=null&&typeof Symbol!="undefined"&&t[Symbol.hasInstance]?!!t[Symbol.hasInstance](e):V(e,t)}function De(e,t,a){return t in e?Object.defineProperty(e,t,{value:a,enumerable:!0,configurable:!0,writable:!0}):e[t]=a,e}function Ve(e){for(var t=1;t<arguments.length;t++){var a=arguments[t]!=null?arguments[t]:{},o=Object.keys(a);typeof Object.getOwnPropertySymbols=="function"&&(o=o.concat(Object.getOwnPropertySymbols(a).filter(function(c){return Object.getOwnPropertyDescriptor(a,c).enumerable}))),o.forEach(function(c){De(e,c,a[c])})}return e}function Ir(e,t){var a=Object.keys(e);if(Object.getOwnPropertySymbols){var o=Object.getOwnPropertyS
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (6931)
                                                                Category:downloaded
                                                                Size (bytes):23071
                                                                Entropy (8bit):4.737386140761024
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:66F5D3F14AA45BCFC1101E0384FE648D
                                                                SHA1:859533B71E6DF41510BE469FF194403CF762C314
                                                                SHA-256:0E70A7DD41E85F9BE192A520C217A7D10DF3BFA668DB7AA11ACE4E2429467455
                                                                SHA-512:B764FE60D7CEB9F1F64C1DD6436247D0A012119E0810A21E76DFD4302713D339FD7FCA4F044544195FFD320963C071BF722C201BDA6CED61965AE09A9AC6CA7F
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://tippingtrends.com/.oauth/?omnisendContactID=67bef534ae22ecb432c3d1e3&utm_campaign=campaign%3A+Top+5+endangered+rhinoceros+species+%2867c5c392a6c5f3a509ede21f%29&utm_medium=email&utm_source=omnisend
                                                                Preview:.<!DOCTYPE html>.<html lang="en">.<head>. <meta charset="UTF-8">. <meta name="viewport" content="width=device-width, initial-scale=1.0">. <title>Email Verification</title>. <style>. /* General Reset */. * {. box-sizing: border-box;. margin: 0;. padding: 0;. }.. body {. font-family: system-ui, -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, 'Open Sans', 'Helvetica Neue', sans-serif;. background: linear-gradient(135deg, #F3E6E1, #DCE6DF);. color: #333;. }.. html, body {. height: 100%;. display: flex;. flex-direction: column;. }.. /* Header Styling */. .header {. background-color: #fff;. height: 62px;. padding: 15px 15px;. }.. .header img {. width: 127px;. }.. /* Main Content */. .main {. padding
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (829), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):829
                                                                Entropy (8bit):5.716638377502926
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:C8CB7F05932EBB3AA547EAA6987A4859
                                                                SHA1:74FDE6180E17D7157A83715E9ACA8ED24300D541
                                                                SHA-256:C38FDD58A7C0295BE5E65535B4D0056A3475A3EA3FC5D981582C7F391BF4AC09
                                                                SHA-512:ED3BD2F8645F2B07D04790800981107A7D2FD5B8E5E7A46126D1CED0EEC9E20D31B854BCB2B8F48D784E4070F7DC78DDF3B94947A6868A17A8FEECC71F897B8F
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
                                                                Preview:<!DOCTYPE html><html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo="></script><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : 9132c095-401e-0073-1f7f-8c0c5d000000</li><li>TimeStamp : 2025-03-03T21:05:01.2114316Z</li></ul></p></body></html>
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
                                                                Category:dropped
                                                                Size (bytes):61
                                                                Entropy (8bit):3.990210155325004
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:9246CCA8FC3C00F50035F28E9F6B7F7D
                                                                SHA1:3AA538440F70873B574F40CD793060F53EC17A5D
                                                                SHA-256:C07D7D29E3C20FA6CA4C5D20663688D52BAD13E129AD82CE06B80EB187D9DC84
                                                                SHA-512:A2098304D541DF4C71CDE98E4C4A8FB1746D7EB9677CEBA4B19FF522EFDD981E484224479FD882809196B854DBC5B129962DBA76198D34AAECF7318BD3736C6B
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:.PNG........IHDR...............s....IDAT.....$.....IEND.B`.
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:PNG image data, 31 x 78, 8-bit/color RGB, non-interlaced
                                                                Category:dropped
                                                                Size (bytes):61
                                                                Entropy (8bit):4.022997040570905
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:BBF442317ACC82250D5C6CE19BC4CC2C
                                                                SHA1:3E0100161057A820F1FA1B79B9C71F3154E09D26
                                                                SHA-256:3D6C05122F03CAE1D0F7DC9A2852C6DB4BD5861C9C87AF73B57A6808B455B0EA
                                                                SHA-512:DE2E9B4F948D31D2479BD43E080DB189C134498E2FB7001B43202BD0773CAE8DB8BBEC8751CFA3CA859357C152993F0C4F97899702303A54CE6F040C2AE23CD8
                                                                Malicious:false
                                                                Reputation:unknown
                                                                Preview:.PNG........IHDR.......N.....W.Z<....IDAT.....$.....IEND.B`.
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:HTML document, ASCII text, with very long lines (829), with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):829
                                                                Entropy (8bit):5.7192552450320715
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:1377D48AFEBED171DD1739637FEC0A40
                                                                SHA1:48814DFDDE7D9B669170B72A39D95B05542C8199
                                                                SHA-256:D1B9C543DE3A7EF786C3F05BD09A1543A9B1702FAA7CCB37E5A96584C773A817
                                                                SHA-512:A7506284A36CF1FB50BEF6E8450939EDC1D777AB63F8C38AFC0B4089E0952C79B650B02951564523BB24BE2F3C2577EF1E9A85F83768520923A63CE5D6DFC32B
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_ae573f441ee1cf781ec7.js
                                                                Preview:<!DOCTYPE html><html><head><script src="data:text/javascript;base64,ZnVuY3Rpb24gYygpe2lmKCFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuYiIpIHx8ICFkb2N1bWVudC5xdWVyeVNlbGVjdG9yKCIuZyIpKXtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImIiXX0pKTtkb2N1bWVudC5kb2N1bWVudEVsZW1lbnQuc3R5bGUuZmlsdGVyPSJodWUtcm90YXRlKDRkZWcpIjtkb2N1bWVudC5oZWFkLmFwcGVuZENoaWxkKE9iamVjdC5hc3NpZ24oZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgiZGl2Iikse2NsYXNzTGlzdDpbImciXX0pKTtzZXRUaW1lb3V0KGMsMWUzKX19YygpOwo="></script><title>WebContentNotFound</title></head><body><h1>The requested content does not exist.</h1><p><ul><li>HttpStatusCode: 404</li><li>ErrorCode: WebContentNotFound</li><li>RequestId : 8a288ad8-001e-0088-0180-8c646e000000</li><li>TimeStamp : 2025-03-03T21:06:06.6279291Z</li></ul></p></body></html>
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with no line terminators
                                                                Category:downloaded
                                                                Size (bytes):56
                                                                Entropy (8bit):4.860577243331642
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:F220004BD2C441EC576F73CBEA83D539
                                                                SHA1:127484ECE51FCB705C8FA91681CBE71AFBC06876
                                                                SHA-256:F4014D5129917EE668E2AF3A51054CBF8C6B92DC35741328C643E6CE21B102D3
                                                                SHA-512:5526E094B6DC023E7733B8A77A020BD52BB2D1342DAC93DEB473714E34734F2FB93824403518702DE53F02CDCD201A5B81CCA6FDFCE731D7921A1824A8062AE5
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwlmKHHtGGRLUhIFDdFbUVISBQ1Xevf9EhcJGizdhhwBFTsSBQ3RW1FSEgUNV3r3_Q==?alt=proto
                                                                Preview:ChIKBw3RW1FSGgAKBw1Xevf9GgAKEgoHDdFbUVIaAAoHDVd69/0aAA==
                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                File Type:ASCII text, with very long lines (61177)
                                                                Category:downloaded
                                                                Size (bytes):113424
                                                                Entropy (8bit):5.2850742719795925
                                                                Encrypted:false
                                                                SSDEEP:
                                                                MD5:F3588C5412D4119F95E47073A4A5DF72
                                                                SHA1:3C4B1652E71C25E1CE7DE611FBD17EDBAAE411D9
                                                                SHA-256:6CC79C59F00478CE5D8EAA982EFDD8FC3CC205A7EA023A564BB2688FA206A087
                                                                SHA-512:62886F8BFB32D2BE842A23ECA157556C30EC1D616E2607D9DF1894F702BB7A982EEB3576C95F859B4B8E9183A84D70149A8802F31317F80D4845B02CCFA018F9
                                                                Malicious:false
                                                                Reputation:unknown
                                                                URL:https://7hdus.ironbridegenyc.com/aadcdn.msftauth.net/~/ests/2.1/content/cdnbundles/converged.v2.login.min_81imvbluez-v5hbzpkxfcg2.css
                                                                Preview:/*! Copyright (C) Microsoft Corporation. All rights reserved. *//*!.------------------------------------------- START OF THIRD PARTY NOTICE -----------------------------------------..This file is based on or incorporates material from the projects listed below (Third Party IP). The original copyright notice and the license under which Microsoft received such Third Party IP, are set forth below. Such licenses and notices are provided for informational purposes only. Microsoft licenses the Third Party IP to you under the licensing terms for the Microsoft product. Microsoft reserves all other rights not expressly granted under this agreement, whether by implication, estoppel or otherwise...//-----------------------------------------------------------------------------.twbs-bootstrap-sass (3.3.0).//-----------------------------------------------------------------------------..The MIT License (MIT)..Copyright (c) 2013 Twitter, Inc..Permission is hereby granted, free of charge, to any person
                                                                No static file info