Edit tour

Windows Analysis Report
https://www.central1.internationalpayments.com/geo/

Overview

General Information

Sample URL:https://www.central1.internationalpayments.com/geo/
Analysis ID:1641942
Infos:

Detection

Score:48
Range:0 - 100
Confidence:100%

Signatures

AI detected phishing page
Creates files inside the system directory
Deletes files inside the Windows folder
Detected non-DNS traffic on DNS port
HTML body contains low number of good links
HTML body contains password input but no form action
HTML title does not match URL

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious
  • System is w10x64_ra
  • chrome.exe (PID: 6852 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: E81F54E6C1129887AEA47E7D092680BF)
    • chrome.exe (PID: 7104 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,14755796366610313676,12459949357668243524,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2016 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
  • chrome.exe (PID: 4072 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.central1.internationalpayments.com/geo/" MD5: E81F54E6C1129887AEA47E7D092680BF)
  • cleanup
No yara matches
No Sigma rule has matched
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results

Phishing

barindex
Source: https://www.central1.internationalpayments.com/geo/#!/Joe Sandbox AI: Score: 8 Reasons: The brand 'Convera' is known and associated with financial services., The URL 'www.central1.internationalpayments.com' does not match the legitimate domain 'convera.com'., The URL contains multiple subdomains and an unusual structure, which is often a tactic used in phishing., The presence of input fields for 'User ID' and 'Password' on a non-legitimate domain is suspicious., The domain 'internationalpayments.com' is generic and not directly associated with 'Convera'. DOM: 1.3.pages.csv
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: Number of links: 0
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: Title: GlobalPay does not match URL
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: <input type="password" .../> found
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No favicon
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No favicon
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No favicon
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No <meta name="author".. found
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No <meta name="author".. found
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No <meta name="copyright".. found
Source: https://www.central1.internationalpayments.com/geo/#!/HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49700 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49701 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.26.9.123:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.26.9.123:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49705 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49703 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49702 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49704 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.10.213:443 -> 192.168.2.16:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.217.18.4:443 -> 192.168.2.16:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.93:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.93:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.93:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.239.157.205:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.224.156.207:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: chrome.exeMemory has grown: Private usage: 1MB later: 38MB
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:61616 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:60493 -> 1.1.1.1:53
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownTCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownTCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownTCP traffic detected without corresponding DNS query: 142.250.185.195
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficHTTP traffic detected: GET /geo/ HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /1.10.11/css/jquery.dataTables.min.css HTTP/1.1Host: cdn.datatables.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.central1.internationalpayments.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /responsive/2.0.2/css/responsive.dataTables.min.css HTTP/1.1Host: cdn.datatables.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.central1.internationalpayments.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/styles.css?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=LZxQrR7r+U1ejZsrZLsgQarmDYEi+1TSm7yUfRi3OxQR6XgzdKuigQtczCxd1waduFR0jcWjBpkWHxvebX5dO0U5wxweSnFmWxXv+Tmkhz19B2KMXgpcXVObB/+EdRDO3Vdd3NYl4iVszyu0v8ju2E/vlSGKtE309hH42bZvsyLFgpVdN64=; AWSALBCORS=OOFsJMwkzonv7Y2WbG1OvKMrwwBWk9WynTiavA8XHE86MV3ILbEssJB80QHy0/rMHi6BRKy9lQI+W/XAL61kRppWGkX0ug/ojKsAi0hZChQvw+WIi1MbIe4ehP1J; JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB
Source: global trafficHTTP traffic detected: GET /geo/theme/ng/css/_wlv_17700_15/gpfi-login.css?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=LZxQrR7r+U1ejZsrZLsgQarmDYEi+1TSm7yUfRi3OxQR6XgzdKuigQtczCxd1waduFR0jcWjBpkWHxvebX5dO0U5wxweSnFmWxXv+Tmkhz19B2KMXgpcXVObB/+EdRDO3Vdd3NYl4iVszyu0v8ju2E/vlSGKtE309hH42bZvsyLFgpVdN64=; AWSALBCORS=OOFsJMwkzonv7Y2WbG1OvKMrwwBWk9WynTiavA8XHE86MV3ILbEssJB80QHy0/rMHi6BRKy9lQI+W/XAL61kRppWGkX0ug/ojKsAi0hZChQvw+WIi1MbIe4ehP1J; JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB
Source: global trafficHTTP traffic detected: GET /geo/theme/ng/css/_wlv_17700_15/geo-responsive.css?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=LZxQrR7r+U1ejZsrZLsgQarmDYEi+1TSm7yUfRi3OxQR6XgzdKuigQtczCxd1waduFR0jcWjBpkWHxvebX5dO0U5wxweSnFmWxXv+Tmkhz19B2KMXgpcXVObB/+EdRDO3Vdd3NYl4iVszyu0v8ju2E/vlSGKtE309hH42bZvsyLFgpVdN64=; AWSALBCORS=OOFsJMwkzonv7Y2WbG1OvKMrwwBWk9WynTiavA8XHE86MV3ILbEssJB80QHy0/rMHi6BRKy9lQI+W/XAL61kRppWGkX0ug/ojKsAi0hZChQvw+WIi1MbIe4ehP1J; JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB
Source: global trafficHTTP traffic detected: GET /geo/theme/ng/css/_wlv_17700_15/print.min.css?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=LZxQrR7r+U1ejZsrZLsgQarmDYEi+1TSm7yUfRi3OxQR6XgzdKuigQtczCxd1waduFR0jcWjBpkWHxvebX5dO0U5wxweSnFmWxXv+Tmkhz19B2KMXgpcXVObB/+EdRDO3Vdd3NYl4iVszyu0v8ju2E/vlSGKtE309hH42bZvsyLFgpVdN64=; AWSALBCORS=OOFsJMwkzonv7Y2WbG1OvKMrwwBWk9WynTiavA8XHE86MV3ILbEssJB80QHy0/rMHi6BRKy9lQI+W/XAL61kRppWGkX0ug/ojKsAi0hZChQvw+WIi1MbIe4ehP1J; JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB
Source: global trafficHTTP traffic detected: GET /geo/ng/ext/print.min.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: AWSALBTGCORS=LZxQrR7r+U1ejZsrZLsgQarmDYEi+1TSm7yUfRi3OxQR6XgzdKuigQtczCxd1waduFR0jcWjBpkWHxvebX5dO0U5wxweSnFmWxXv+Tmkhz19B2KMXgpcXVObB/+EdRDO3Vdd3NYl4iVszyu0v8ju2E/vlSGKtE309hH42bZvsyLFgpVdN64=; AWSALBCORS=OOFsJMwkzonv7Y2WbG1OvKMrwwBWk9WynTiavA8XHE86MV3ILbEssJB80QHy0/rMHi6BRKy9lQI+W/XAL61kRppWGkX0ug/ojKsAi0hZChQvw+WIi1MbIe4ehP1J; JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/common-ext.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=UqWge/AfMokYpHp59l3MFRcrRyUbxdDFY9o1PfBrXIMyVf5QwJWnVxjQmKdPf620QbPQ+TWwFwnMsBfBVgP+eB1wJibKCJXZSbfBesm/hqxsfwGi55tpoF+d9Qv/s2HGbxbf3Yj210Y5ezmJd/uuIRozhMcZoKN3EmDcxkQeOOuq00pZoc4=; AWSALBCORS=uV7zBcV6BN/vbPupryB5VSX4Z9hLr3c7uST9LF2Dtu0wT4xcy9TKcHtJ1uEagnqdp3dt45t2FybvFruTh70mPOWna4xNwAdR9mncJ543PwUmJLnIl+6oMDSMstAT
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/underscore.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=UqWge/AfMokYpHp59l3MFRcrRyUbxdDFY9o1PfBrXIMyVf5QwJWnVxjQmKdPf620QbPQ+TWwFwnMsBfBVgP+eB1wJibKCJXZSbfBesm/hqxsfwGi55tpoF+d9Qv/s2HGbxbf3Yj210Y5ezmJd/uuIRozhMcZoKN3EmDcxkQeOOuq00pZoc4=; AWSALBCORS=uV7zBcV6BN/vbPupryB5VSX4Z9hLr3c7uST9LF2Dtu0wT4xcy9TKcHtJ1uEagnqdp3dt45t2FybvFruTh70mPOWna4xNwAdR9mncJ543PwUmJLnIl+6oMDSMstAT
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/moment.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=UqWge/AfMokYpHp59l3MFRcrRyUbxdDFY9o1PfBrXIMyVf5QwJWnVxjQmKdPf620QbPQ+TWwFwnMsBfBVgP+eB1wJibKCJXZSbfBesm/hqxsfwGi55tpoF+d9Qv/s2HGbxbf3Yj210Y5ezmJd/uuIRozhMcZoKN3EmDcxkQeOOuq00pZoc4=; AWSALBCORS=uV7zBcV6BN/vbPupryB5VSX4Z9hLr3c7uST9LF2Dtu0wT4xcy9TKcHtJ1uEagnqdp3dt45t2FybvFruTh70mPOWna4xNwAdR9mncJ543PwUmJLnIl+6oMDSMstAT
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/angular.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=UqWge/AfMokYpHp59l3MFRcrRyUbxdDFY9o1PfBrXIMyVf5QwJWnVxjQmKdPf620QbPQ+TWwFwnMsBfBVgP+eB1wJibKCJXZSbfBesm/hqxsfwGi55tpoF+d9Qv/s2HGbxbf3Yj210Y5ezmJd/uuIRozhMcZoKN3EmDcxkQeOOuq00pZoc4=; AWSALBCORS=uV7zBcV6BN/vbPupryB5VSX4Z9hLr3c7uST9LF2Dtu0wT4xcy9TKcHtJ1uEagnqdp3dt45t2FybvFruTh70mPOWna4xNwAdR9mncJ543PwUmJLnIl+6oMDSMstAT
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/bootstrap.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=UqWge/AfMokYpHp59l3MFRcrRyUbxdDFY9o1PfBrXIMyVf5QwJWnVxjQmKdPf620QbPQ+TWwFwnMsBfBVgP+eB1wJibKCJXZSbfBesm/hqxsfwGi55tpoF+d9Qv/s2HGbxbf3Yj210Y5ezmJd/uuIRozhMcZoKN3EmDcxkQeOOuq00pZoc4=; AWSALBCORS=uV7zBcV6BN/vbPupryB5VSX4Z9hLr3c7uST9LF2Dtu0wT4xcy9TKcHtJ1uEagnqdp3dt45t2FybvFruTh70mPOWna4xNwAdR9mncJ543PwUmJLnIl+6oMDSMstAT
Source: global trafficHTTP traffic detected: GET /qscripts/quantum-converagpfi.js HTTP/1.1Host: cdn.quantummetric.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.central1.internationalpayments.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/angular-material.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=UqWge/AfMokYpHp59l3MFRcrRyUbxdDFY9o1PfBrXIMyVf5QwJWnVxjQmKdPf620QbPQ+TWwFwnMsBfBVgP+eB1wJibKCJXZSbfBesm/hqxsfwGi55tpoF+d9Qv/s2HGbxbf3Yj210Y5ezmJd/uuIRozhMcZoKN3EmDcxkQeOOuq00pZoc4=; AWSALBCORS=uV7zBcV6BN/vbPupryB5VSX4Z9hLr3c7uST9LF2Dtu0wT4xcy9TKcHtJ1uEagnqdp3dt45t2FybvFruTh70mPOWna4xNwAdR9mncJ543PwUmJLnIl+6oMDSMstAT
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/jquery.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=dm7f9qXb8beMWoV9p94Y3yYYB9LVs5JS8aBmEbXnHDzaUiMTYvaKEt9NWd0XtcSgrAFxTQ62JRBYvXaHRvkKnp6UvOSak0gV+R66U3kOePwVCnBA6gFimipucPYFI4Y8p1YEs4jWUdZSGGbKY9SeIYTRO23D9KdVyD5xk3dxlqKQirBkTkQ=; AWSALBCORS=VecRjhMdDm2sAAo0ayv5nvvrb38jPzgQCpL80Hazsrrj0w7IZUgjmRSN14JmmFElD4QsaNEvGDh0BnJmVtKHuEphIVKJQEL2DcNyV7B3plV+kLEGoTcqByg+YwHI
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/gpfi/app.bundle.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=dm7f9qXb8beMWoV9p94Y3yYYB9LVs5JS8aBmEbXnHDzaUiMTYvaKEt9NWd0XtcSgrAFxTQ62JRBYvXaHRvkKnp6UvOSak0gV+R66U3kOePwVCnBA6gFimipucPYFI4Y8p1YEs4jWUdZSGGbKY9SeIYTRO23D9KdVyD5xk3dxlqKQirBkTkQ=; AWSALBCORS=VecRjhMdDm2sAAo0ayv5nvvrb38jPzgQCpL80Hazsrrj0w7IZUgjmRSN14JmmFElD4QsaNEvGDh0BnJmVtKHuEphIVKJQEL2DcNyV7B3plV+kLEGoTcqByg+YwHI
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/scripts/tiff.min.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=dm7f9qXb8beMWoV9p94Y3yYYB9LVs5JS8aBmEbXnHDzaUiMTYvaKEt9NWd0XtcSgrAFxTQ62JRBYvXaHRvkKnp6UvOSak0gV+R66U3kOePwVCnBA6gFimipucPYFI4Y8p1YEs4jWUdZSGGbKY9SeIYTRO23D9KdVyD5xk3dxlqKQirBkTkQ=; AWSALBCORS=VecRjhMdDm2sAAo0ayv5nvvrb38jPzgQCpL80Hazsrrj0w7IZUgjmRSN14JmmFElD4QsaNEvGDh0BnJmVtKHuEphIVKJQEL2DcNyV7B3plV+kLEGoTcqByg+YwHI
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/scripts/pdf.js?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=dm7f9qXb8beMWoV9p94Y3yYYB9LVs5JS8aBmEbXnHDzaUiMTYvaKEt9NWd0XtcSgrAFxTQ62JRBYvXaHRvkKnp6UvOSak0gV+R66U3kOePwVCnBA6gFimipucPYFI4Y8p1YEs4jWUdZSGGbKY9SeIYTRO23D9KdVyD5xk3dxlqKQirBkTkQ=; AWSALBCORS=VecRjhMdDm2sAAo0ayv5nvvrb38jPzgQCpL80Hazsrrj0w7IZUgjmRSN14JmmFElD4QsaNEvGDh0BnJmVtKHuEphIVKJQEL2DcNyV7B3plV+kLEGoTcqByg+YwHI
Source: global trafficHTTP traffic detected: GET /geo/ng/css/angularPrint.css?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=dm7f9qXb8beMWoV9p94Y3yYYB9LVs5JS8aBmEbXnHDzaUiMTYvaKEt9NWd0XtcSgrAFxTQ62JRBYvXaHRvkKnp6UvOSak0gV+R66U3kOePwVCnBA6gFimipucPYFI4Y8p1YEs4jWUdZSGGbKY9SeIYTRO23D9KdVyD5xk3dxlqKQirBkTkQ=; AWSALBCORS=VecRjhMdDm2sAAo0ayv5nvvrb38jPzgQCpL80Hazsrrj0w7IZUgjmRSN14JmmFElD4QsaNEvGDh0BnJmVtKHuEphIVKJQEL2DcNyV7B3plV+kLEGoTcqByg+YwHI
Source: global trafficHTTP traffic detected: GET /geo/ng/css/reportPrint.css?2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=ZuTggRdxcWZmm6HHzfBj63ToSmmYK8iAnDMsobK6mfM28YmHu0dnn0YKmN1rVvfHD2INKMZJB2It3oIrW1XH7Zh4RuRSBo1a7TPFCJGs6E1CfXVF8/dJcjkzqd02Spvr867qZhxrAYhAn+riHj2g/ZEJ6Dt07MzZIV62rIfi15sTTycIyc0=; AWSALBCORS=o611bFZVks8d/8s9UB7xB6vilv+IYxZer4YhZ0/duAXMNGbU6nbY8brqk3H6tt9XOCvK/UrjI514V5umTTfGXEayzetq1ulH5vsHtcPXoA7XkAEHb8XiA5vR6X5+
Source: global trafficHTTP traffic detected: GET /geo/services/internationalisation/labels/en_US HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=yBo0wYOv3WIdx/jhqpZEPy9adyLMkSX7pE/LGDyLHEIg6NPA4WTxlJVHV5G42Do5lIhMAqUyG4Pdb1fq3sD1q9IfKrMdeC/fVizOYFKgBnM5xpBadBfEOdLy7KbqYoPQa8IZsxqnxvvFhReDa72MMGB6QHEiC1ZzKqlYJt4Xd6FlSxRFW/0=; AWSALBCORS=jpXjH8EV9gUvOfyhyMUO7UCleMnvl/n+z5miHXdmlgH7DQJYfMQHI6ZT8fTCPYP7I/anshr6oJin2nreuoX+X9fQJNuuQXCPiP02RyZvQleYd8gMfD3N7ySVLVmu
Source: global trafficHTTP traffic detected: GET /geo/services/internationalisation/messages/en_US HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=yBo0wYOv3WIdx/jhqpZEPy9adyLMkSX7pE/LGDyLHEIg6NPA4WTxlJVHV5G42Do5lIhMAqUyG4Pdb1fq3sD1q9IfKrMdeC/fVizOYFKgBnM5xpBadBfEOdLy7KbqYoPQa8IZsxqnxvvFhReDa72MMGB6QHEiC1ZzKqlYJt4Xd6FlSxRFW/0=; AWSALBCORS=jpXjH8EV9gUvOfyhyMUO7UCleMnvl/n+z5miHXdmlgH7DQJYfMQHI6ZT8fTCPYP7I/anshr6oJin2nreuoX+X9fQJNuuQXCPiP02RyZvQleYd8gMfD3N7ySVLVmu
Source: global trafficHTTP traffic detected: GET /geo/theme/images/login-background.jpg? HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=yBo0wYOv3WIdx/jhqpZEPy9adyLMkSX7pE/LGDyLHEIg6NPA4WTxlJVHV5G42Do5lIhMAqUyG4Pdb1fq3sD1q9IfKrMdeC/fVizOYFKgBnM5xpBadBfEOdLy7KbqYoPQa8IZsxqnxvvFhReDa72MMGB6QHEiC1ZzKqlYJt4Xd6FlSxRFW/0=; AWSALBCORS=jpXjH8EV9gUvOfyhyMUO7UCleMnvl/n+z5miHXdmlgH7DQJYfMQHI6ZT8fTCPYP7I/anshr6oJin2nreuoX+X9fQJNuuQXCPiP02RyZvQleYd8gMfD3N7ySVLVmu
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/lazy/auth-controllers-loginCtrl.bundle.js?52e20235c6a4aa3f866c HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=0CMbTwStDPrXoe4WPsDdH+n/TEotST7F4v4EFrCZUWb8GOBb5RC4ZI44cscGoJJXn7nmXrNssh/6UGBZM+6/ZPnuE+Vv4Gq7CbIPoZ2z0RNsPCbQtD1LE8hg/uVU7VCF3N8sAGwnYMsRqulfHh3l8Z9SsZoxXycCezgUqrJZnnU8ne1nUCU=; AWSALBCORS=pbZaqX6DlXg97J+JTLqQF7q3oR+q8z5NAOWYfzW9Usce1sutWV6baRNgMPVebueFF45TFH8gBocRA+J+wqfSFmQogkJCn2vudVfAm1fsmGr2LkL8h8WRD1aGeViu
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/imgs/3faa3eef13649db02044.ttf HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveOrigin: https://www.central1.internationalpayments.comsec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.central1.internationalpayments.com/geo/ng/dist/styles.css?2025.03.20Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=0CMbTwStDPrXoe4WPsDdH+n/TEotST7F4v4EFrCZUWb8GOBb5RC4ZI44cscGoJJXn7nmXrNssh/6UGBZM+6/ZPnuE+Vv4Gq7CbIPoZ2z0RNsPCbQtD1LE8hg/uVU7VCF3N8sAGwnYMsRqulfHh3l8Z9SsZoxXycCezgUqrJZnnU8ne1nUCU=; AWSALBCORS=pbZaqX6DlXg97J+JTLqQF7q3oR+q8z5NAOWYfzW9Usce1sutWV6baRNgMPVebueFF45TFH8gBocRA+J+wqfSFmQogkJCn2vudVfAm1fsmGr2LkL8h8WRD1aGeViu
Source: global trafficHTTP traffic detected: GET /geo/theme/images/login-background.jpg? HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=0CMbTwStDPrXoe4WPsDdH+n/TEotST7F4v4EFrCZUWb8GOBb5RC4ZI44cscGoJJXn7nmXrNssh/6UGBZM+6/ZPnuE+Vv4Gq7CbIPoZ2z0RNsPCbQtD1LE8hg/uVU7VCF3N8sAGwnYMsRqulfHh3l8Z9SsZoxXycCezgUqrJZnnU8ne1nUCU=; AWSALBCORS=pbZaqX6DlXg97J+JTLqQF7q3oR+q8z5NAOWYfzW9Usce1sutWV6baRNgMPVebueFF45TFH8gBocRA+J+wqfSFmQogkJCn2vudVfAm1fsmGr2LkL8h8WRD1aGeViu
Source: global trafficHTTP traffic detected: GET /geo/services/internationalisation/messages/en_US HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=0CMbTwStDPrXoe4WPsDdH+n/TEotST7F4v4EFrCZUWb8GOBb5RC4ZI44cscGoJJXn7nmXrNssh/6UGBZM+6/ZPnuE+Vv4Gq7CbIPoZ2z0RNsPCbQtD1LE8hg/uVU7VCF3N8sAGwnYMsRqulfHh3l8Z9SsZoxXycCezgUqrJZnnU8ne1nUCU=; AWSALBCORS=pbZaqX6DlXg97J+JTLqQF7q3oR+q8z5NAOWYfzW9Usce1sutWV6baRNgMPVebueFF45TFH8gBocRA+J+wqfSFmQogkJCn2vudVfAm1fsmGr2LkL8h8WRD1aGeViu
Source: global trafficHTTP traffic detected: GET /geo/services/internationalisation/labels/en_US HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=0CMbTwStDPrXoe4WPsDdH+n/TEotST7F4v4EFrCZUWb8GOBb5RC4ZI44cscGoJJXn7nmXrNssh/6UGBZM+6/ZPnuE+Vv4Gq7CbIPoZ2z0RNsPCbQtD1LE8hg/uVU7VCF3N8sAGwnYMsRqulfHh3l8Z9SsZoxXycCezgUqrJZnnU8ne1nUCU=; AWSALBCORS=pbZaqX6DlXg97J+JTLqQF7q3oR+q8z5NAOWYfzW9Usce1sutWV6baRNgMPVebueFF45TFH8gBocRA+J+wqfSFmQogkJCn2vudVfAm1fsmGr2LkL8h8WRD1aGeViu
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/2f1f3b6ebae76309abb0login.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/htmlsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=5dAtqG6rCzC7Vny3L1qDr5E2BN0Sd6Jb0ygZMhRVb2xKIYPuZseXSnEHdlesTEb65gE9DFXLJ/ezj9R4O/AvHdL9J3UfJrdTKwh4Jcyor6fftWsGb88MT0Y1ppcp1NP+DtHJwefovWSyP4N49X9vS6Kmb4vr+sHyVmK1PpcgNbNP6RUW8EE=; AWSALBCORS=fvLQvQmQIJ9JKAl9s7nVXIM/IsaG8Cd0Vwn4xB7Hdqxp7f5jGIowNIC00fHlUan/kjNtMWFrNsquzr/uPvFLkNh74tJrdbUxHcUuCH7SBOdlDPUpUgAfrnB9KQJ9
Source: global trafficHTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; AWSALBTGCORS=5NS22T7Pao3NqbkZ2Wrx+wB7Qx1fqbbq5cEo92IcjIKvHROZPafd5HZ4X4bSqx0/gN9lOyq7NSww4AStysMujivBt+tsO9iI/NyPDzse9BVgnXcRgV/+3gY3sAMY/30mM7bwFZVZA/DAgLndYwysibtXIkSxDOWJJzx6swBFwYOaLYvqsoE=; AWSALBCORS=eVFTFV1XvTfqwZQrrAkqPOtWy7D5r3HpEbvNjJUPnpoSlMyE/jqmjPrfVAJ0yHe0QwnV7v4pkVLXrHafy7/ZulEAbIxhvT3arNsskCdLAdqZi7MGPWaqv5pK+5oF
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311446163&S=0&N=0&P=0&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/2f1f3b6ebae76309abb0login.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; AWSALBTGCORS=azQal2trTJnTUIQDoeKfwd64nwdo2o9//ugqCLWVnDSmmjMbjD+Fu1f941yWboc4YjTN/rp0vfXQ7z0OsaclJksYl8dXsRsJ88YB6CICtmafTpMJHxw1qHu+ho5qAjpiQI1Yv0fF4wL2HVDpVCC1Ufp+NghKG91/IeqWsvwlcDehqBCsmdg=; AWSALBCORS=+0n5A1kQD1m1PZnRZRRPyiHKp99yKuSf88UZ6AdRyOOP9YGgH4DlBytuMQqo5QTw3FcZi3KLvnbueGRxdMXgWYyykW6G66iZ073m9GRzYtZXnwuk9UC9zozqXdfi
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/2e2d6b2b1436edf549b2gpfi-status-message-directive.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; AWSALBTGCORS=azQal2trTJnTUIQDoeKfwd64nwdo2o9//ugqCLWVnDSmmjMbjD+Fu1f941yWboc4YjTN/rp0vfXQ7z0OsaclJksYl8dXsRsJ88YB6CICtmafTpMJHxw1qHu+ho5qAjpiQI1Yv0fF4wL2HVDpVCC1Ufp+NghKG91/IeqWsvwlcDehqBCsmdg=; AWSALBCORS=+0n5A1kQD1m1PZnRZRRPyiHKp99yKuSf88UZ6AdRyOOP9YGgH4DlBytuMQqo5QTw3FcZi3KLvnbueGRxdMXgWYyykW6G66iZ073m9GRzYtZXnwuk9UC9zozqXdfi
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447018&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=1&Y=1&X=34353f34984640027d921ffce634aa35&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447021&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&U=d076fe6be04a5f5db59f937ac60aecfa&Q=2&S=0&N=0&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/2e2d6b2b1436edf549b2gpfi-status-message-directive.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: JSESSIONID=D07EFEC5FC3FF26F0877EE7CC479EABB; QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; AWSALBTGCORS=teNnjDZeyjrQ3dTvhf3VbMlMZXice10K4hCc8kjSA3DwgIub8bH0GRL+7DgZsy35a9+LJCeLWWRRpwtFUH+V1onMd2A5v5P/IVhnxAabDaFVYnIqfn6lymHALlGHnYczbfmwzyo7qF4S9aAthoNnTmdKyH8ppm3AtTtWiOJMksu5NNSWx7k=; AWSALBCORS=MjsLSxigodAucZtaTyOXmTqPCHpY0tL5dtYL+uIMVmX95L6D9bcOKVSMEZDHIM7TdxElOBqYsBUrV+ZmMyvgtcL9jvc0FuMTFUYv2pTtzJYxhjN1gqow+G9AJfk2
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/lazy/auth-partials-loginForm-html.bundle.js?ccff7d6f77cc84b0b714 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; AWSALBTGCORS=uujp7cMMeEpdgIHV2BIr4ud+r82pw1m8k4wEdsy2pb6qAO1GVqZeMeCE9UKKKO2gF023c315v9c16qJuIqpq0w42ZkG6p+r+Q4Lw7YzSTHc8OMNcwXFn4McaYAYOYZ0V3aP1uyp4TcTdJ4I/acMRAWdDKuby8tRp2PPr5eiZC6GBXLQnoDQ=; AWSALBCORS=+dDxLwhZoRK0omT4Zjt6YrOSm6DyAjdT8u3BG05HV5Lf9y6LWySAI4rH4RAzo83F9lEX8rl9tzD6u/TNAO8vB3G9ce2b5QDOE30b/eau8Hj8AidXr6Ge3tvChC37; JSESSIONID=28B8E2E708BAE589909CC0757C157E8F
Source: global trafficHTTP traffic detected: GET /geo/services/sync HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; AWSALBTGCORS=uujp7cMMeEpdgIHV2BIr4ud+r82pw1m8k4wEdsy2pb6qAO1GVqZeMeCE9UKKKO2gF023c315v9c16qJuIqpq0w42ZkG6p+r+Q4Lw7YzSTHc8OMNcwXFn4McaYAYOYZ0V3aP1uyp4TcTdJ4I/acMRAWdDKuby8tRp2PPr5eiZC6GBXLQnoDQ=; AWSALBCORS=+dDxLwhZoRK0omT4Zjt6YrOSm6DyAjdT8u3BG05HV5Lf9y6LWySAI4rH4RAzo83F9lEX8rl9tzD6u/TNAO8vB3G9ce2b5QDOE30b/eau8Hj8AidXr6Ge3tvChC37; JSESSIONID=28B8E2E708BAE589909CC0757C157E8F
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/lazy/auth-controllers-loginFormCtrl.bundle.js?e28e7cecfc463b414619 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; AWSALBTGCORS=uujp7cMMeEpdgIHV2BIr4ud+r82pw1m8k4wEdsy2pb6qAO1GVqZeMeCE9UKKKO2gF023c315v9c16qJuIqpq0w42ZkG6p+r+Q4Lw7YzSTHc8OMNcwXFn4McaYAYOYZ0V3aP1uyp4TcTdJ4I/acMRAWdDKuby8tRp2PPr5eiZC6GBXLQnoDQ=; AWSALBCORS=+dDxLwhZoRK0omT4Zjt6YrOSm6DyAjdT8u3BG05HV5Lf9y6LWySAI4rH4RAzo83F9lEX8rl9tzD6u/TNAO8vB3G9ce2b5QDOE30b/eau8Hj8AidXr6Ge3tvChC37; JSESSIONID=28B8E2E708BAE589909CC0757C157E8F
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447913&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=1267&N=7&P=1&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/011a0bd4e9c9b1089025loginForm.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=lpIS/xjJQ54Gsof4qvVBiC9jx1a5vMiejmw1BZHb7+wuLmEBEu7KUFiPMFK8QDrVW0ncVeoYEBmPHyAIg67ExIBltiu3ss2XV5ZGCS54eHHmFcjPP78jND9NBY4ZKaaRkvXejV1wI66zYXG3K9fD1VL/TicDxe21Eq0YD3J6F9BzR9pK/XI=; AWSALBCORS=z4SLCXC+tYnrthrbncyat+KoURE8WifR+ITNVPemnK5ELLs37cgH32pRWd3gvP5GfX5QF4RHg8hCKnvozonvdvJ10Q2RR41e9Xcr7F0OgdDFKa8ql6eVVgp3K8Hh
Source: global trafficHTTP traffic detected: GET /geo/theme/images/_wlv_17700_15/login-logo.png HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=Rmv0al6vbElBa9gO4sWuZcexK5A7lEYkCOixAKWFPgmfEyDV/JWtIbwhBNw+bSj43JlvjQMSmjL7PWdSAS9y6ZQqXv41zbldXiZ+6K0/o1JRDsKyi/jT3UlN8yX/AuUdXSaouDajCYizQ1mObLxLR8szcnbI1Axdk0FVqCNFdfMOuhrdhEg=; AWSALBCORS=QLx92HUG3Bee0bVOfkbpY5Fwvj5S87jBd/GrI7Y2ZUoTZSoYePIrjH5JVFGUWkYUjujVEpWkaH/LUjqFoy785ta4J0agp6cBrEn4olWve33CFdES0tk861ARXj3D
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/011a0bd4e9c9b1089025loginForm.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=Rmv0al6vbElBa9gO4sWuZcexK5A7lEYkCOixAKWFPgmfEyDV/JWtIbwhBNw+bSj43JlvjQMSmjL7PWdSAS9y6ZQqXv41zbldXiZ+6K0/o1JRDsKyi/jT3UlN8yX/AuUdXSaouDajCYizQ1mObLxLR8szcnbI1Axdk0FVqCNFdfMOuhrdhEg=; AWSALBCORS=QLx92HUG3Bee0bVOfkbpY5Fwvj5S87jBd/GrI7Y2ZUoTZSoYePIrjH5JVFGUWkYUjujVEpWkaH/LUjqFoy785ta4J0agp6cBrEn4olWve33CFdES0tk861ARXj3D
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311451175&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=1486&N=12&P=2&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/theme/images/_wlv_17700_15/login-logo.png HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=LYLMuy4MXaJ406rEulcN4vnbMxQEArGecfGRvfbdCOcBy5FWuaoUAzcbjRgZ60o9YB+OhX/++aZTcdYRhQ8QTRpp9IYMDBo2IwXSvEVPskcpTfzge8ClTxTZAj21sHWZNI4CBTBBdBzX8LJ4tEFQEm8d/Z2+jy9FbQPsLotptw8b74qQWEM=; AWSALBCORS=gxPW2/iBuiYZjDJv/Gldw8HQe2P6wQwcDhhsRyPMX+lC4nPr47htvGbVJXnvFydIKtwXn66hdnlY3c5QoH+Ydj5rnEQUaH+lLbuZcAwNN5PcmY2l2DQQ+kZH/Kwi
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311452163&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=612&N=1&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /r/gsr1.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET /r/r4.crl HTTP/1.1Cache-Control: max-age = 3000Connection: Keep-AliveAccept: */*If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMTUser-Agent: Microsoft-CryptoAPI/10.0Host: c.pki.goog
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311456186&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=39173&N=64&P=3&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311457110&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=1517&N=2&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/lazy/auth-partials-recoverUser-html.bundle.js?c0a85d4ab5754088de86 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=5+WJQW5VU8+ihNx7w6w4v8SGAccJkukGyWADzF+O3/pQebK1DTyVspwC+AmFI/qJm/tIDU/QdleZRCa/Ep/RPtlZcReJnAa8HsQvZzcVxv62HJFxnU/6pzrHmpEmYAvvTAx/6hQUmTDQ2nLPgAHg4Mj2XaIhgmx26SVoY6IH48gp4qM9XgU=; AWSALBCORS=KX3sahIGvm2+KzBBW3m+apjd4eYq3idxu5vxnPl3SE/kzC/OEblE6Rp45Ig6Fx4zjQuZGTzCqn/aeBm3i87MWDZD5AgcRyjwoX1y9tETU2lD1isJOlBeBdo77HAr
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/lazy/auth-controllers-userRecoveryCtrl.bundle.js?9f38f50da808ab558cfd HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=5+WJQW5VU8+ihNx7w6w4v8SGAccJkukGyWADzF+O3/pQebK1DTyVspwC+AmFI/qJm/tIDU/QdleZRCa/Ep/RPtlZcReJnAa8HsQvZzcVxv62HJFxnU/6pzrHmpEmYAvvTAx/6hQUmTDQ2nLPgAHg4Mj2XaIhgmx26SVoY6IH48gp4qM9XgU=; AWSALBCORS=KX3sahIGvm2+KzBBW3m+apjd4eYq3idxu5vxnPl3SE/kzC/OEblE6Rp45Ig6Fx4zjQuZGTzCqn/aeBm3i87MWDZD5AgcRyjwoX1y9tETU2lD1isJOlBeBdo77HAr
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311461196&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=42603&N=130&P=4&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/79a7ff684338779cfb6crecoverUser.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: application/json, text/plain, */*sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=Wqe7XzdgloQ6NZCIxbWrWX0NpevktIrKZ/+++/9n//3ta5QAFH2y1hRzxxpnP5dHHMmy7bfkePc5czF43GJZDHkcyE5iyUQAHpnxH1uYV/hwd8GQcY6fYzxDJ40CfZOrW0Da/048M+xsTQmGzDuZC+NCSjf/yGVeCtrQLj6IJ100rZmNy4c=; AWSALBCORS=LKDyDhqGxJg9yEuKA10mvfKKYFBI1/9x8urqFVrM0PKckPOHpT2j+aUirA9ANljQ3rX9rofppSr8sMNWAjQ3FjPz2OLXuAfZciJOvJlbiSJ1l/02S/ll0ossKuAW
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311462106&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=1641&N=3&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /geo/ng/dist/partial/79a7ff684338779cfb6crecoverUser.html?v=2025.03.20 HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=TJ3ycVc/+rkgzgabEQAlb0gabyJcdsPeXPibFV51qyGkul3P8FXoO0WkXdDJ9yNl7Qhsw+uKQAd3c4F6zp4pbDyMt9auveVCx8ZPchwtbjW3Zre8f52ZxL7b+TowJUSZF8Z2Xhnowsifrftj533+BCp2Pm4xoSTiIWq8nSpW8N93H4+sb7E=; AWSALBCORS=+i94FFONIHPAqBTOJcnLapwbQSJqqJOWdl1AGWKsL7+wfKCtO4WygCmvBdOZnDSUaRrt++TdEpWqR6iZ1zJf2BaMFch64L8vWDsD27HGFxmSHOaowuvj3q2IbdNv
Source: global trafficHTTP traffic detected: GET /geo/theme/images/_wlv_17700_15/password-reset-logo.png HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.central1.internationalpayments.com/geo/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=TJ3ycVc/+rkgzgabEQAlb0gabyJcdsPeXPibFV51qyGkul3P8FXoO0WkXdDJ9yNl7Qhsw+uKQAd3c4F6zp4pbDyMt9auveVCx8ZPchwtbjW3Zre8f52ZxL7b+TowJUSZF8Z2Xhnowsifrftj533+BCp2Pm4xoSTiIWq8nSpW8N93H4+sb7E=; AWSALBCORS=+i94FFONIHPAqBTOJcnLapwbQSJqqJOWdl1AGWKsL7+wfKCtO4WygCmvBdOZnDSUaRrt++TdEpWqR6iZ1zJf2BaMFch64L8vWDsD27HGFxmSHOaowuvj3q2IbdNv
Source: global trafficHTTP traffic detected: GET /geo/theme/images/_wlv_17700_15/password-reset-logo.png HTTP/1.1Host: www.central1.internationalpayments.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: QuantumMetricSessionID=f7fcbf3307f933e5b8865020128d82c1; QuantumMetricUserID=d076fe6be04a5f5db59f937ac60aecfa; JSESSIONID=840394523253E058633CB3175315C8F9; AWSALBTGCORS=yGExnjWhLhOLJ/qOZvd4bOg6DBZyHk5OE8+kMdHy+5MRgfYnDOTWXyRiPG4go1HjMttv0Fn3ASVQH31PXQ8bhMFRwENazlPhAFWL0NqImq7tG0qho7sk7q8UHqKm/YlZhLp497XxShngsArfIuOweE3RXYbAEmXa5cCPJFltoi77ZgtrQQA=; AWSALBCORS=OoXMNsb9uOvNOSG7SyY5ueI/CMDTFtL8T3wDh6htJ2wLwcyJMz1x7Guv33KyrPa5VqvlcerFiCYgFi8SRBtCxjnaI8zxhXeyXyfZhjw9pZ6HKs5Lbh3gR4Jceban
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311466199&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=46298&N=181&P=5&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311467037&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=2924&N=4&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.central1.internationalpayments.com
Source: global trafficDNS traffic detected: DNS query: cdn.datatables.net
Source: global trafficDNS traffic detected: DNS query: cdn.quantummetric.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: ingest.quantummetric.com
Source: unknownHTTP traffic detected: POST /horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311446163&S=0&N=0&P=0&z=1 HTTP/1.1Host: ingest.quantummetric.comConnection: keep-aliveContent-Length: 773sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: text/plainsec-ch-ua-mobile: ?0Accept: */*Origin: https://www.central1.internationalpayments.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/html; charset=iso-8859-1Content-Length: 209Connection: closeDate: Tue, 18 Mar 2025 15:24:08 GMTServer: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fipsX-Cache: Error from cloudfrontVia: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)X-Amz-Cf-Pop: FRA56-P5X-Amz-Cf-Id: xPdm3pREgZYp-KP-CJlbFarC54U5MBXqL4TVPBpZiVq4qi7Ek6pA4Q==X-XSS-Protection: 1; mode=blockX-Content-Type-Options: nosniffStrict-Transport-Security: max-age=31536000
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 61631 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60508 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61639 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60500 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60499
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61623
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60497
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61624
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60496
Source: unknownNetwork traffic detected: HTTP traffic on port 61619 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61625
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61626
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61627
Source: unknownNetwork traffic detected: HTTP traffic on port 61640 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61629
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 61625 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61620
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61621
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 60503 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61651 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61635
Source: unknownNetwork traffic detected: HTTP traffic on port 60514 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49700 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61638
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61639
Source: unknownNetwork traffic detected: HTTP traffic on port 61620 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61631
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61632
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
Source: unknownNetwork traffic detected: HTTP traffic on port 60502 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61617 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61647
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61649
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 61623 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 60511 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61640
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61642
Source: unknownNetwork traffic detected: HTTP traffic on port 60496 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49734 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 61626 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49673
Source: unknownNetwork traffic detected: HTTP traffic on port 61632 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60505 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60516 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61650
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61651
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49700
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61629 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61635 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61650 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60504 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60513 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61621 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60509
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49679 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60508
Source: unknownNetwork traffic detected: HTTP traffic on port 60507 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61638 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61618 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60507
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60506
Source: unknownNetwork traffic detected: HTTP traffic on port 61624 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60505
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60504
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60503
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
Source: unknownNetwork traffic detected: HTTP traffic on port 60499 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60502
Source: unknownNetwork traffic detected: HTTP traffic on port 60510 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60501
Source: unknownNetwork traffic detected: HTTP traffic on port 61649 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60500
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 61627 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60506 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60510
Source: unknownNetwork traffic detected: HTTP traffic on port 61642 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60515 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49722 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60516
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60515
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60514
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60513
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60512
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 60511
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 60501 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61619
Source: unknownNetwork traffic detected: HTTP traffic on port 60512 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 60509 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61617
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 61618
Source: unknownNetwork traffic detected: HTTP traffic on port 60497 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 61647 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49700 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49701 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.26.9.123:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.26.9.123:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49705 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49703 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49702 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.16:443 -> 192.168.2.16:49704 version: TLS 1.2
Source: unknownHTTPS traffic detected: 104.18.10.213:443 -> 192.168.2.16:49722 version: TLS 1.2
Source: unknownHTTPS traffic detected: 172.217.18.4:443 -> 192.168.2.16:49724 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.93:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.93:443 -> 192.168.2.16:49743 version: TLS 1.2
Source: unknownHTTPS traffic detected: 18.66.112.93:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.239.157.205:443 -> 192.168.2.16:49749 version: TLS 1.2
Source: unknownHTTPS traffic detected: 35.224.156.207:443 -> 192.168.2.16:49755 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Windows\SystemTemp\scoped_dir6852_426034404
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile deleted: C:\Windows\SystemTemp\scoped_dir6852_426034404
Source: classification engineClassification label: mal48.phis.win@22/43@16/189
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,14755796366610313676,12459949357668243524,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2016 /prefetch:3
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.central1.internationalpayments.com/geo/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=2068,i,14755796366610313676,12459949357668243524,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2016 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: Window RecorderWindow detected: More than 3 window changes detected
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath Interception1
Process Injection
1
Masquerading
OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel
Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Extra Window Memory Injection
1
Process Injection
LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media4
Non-Application Layer Protocol
Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
File Deletion
Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive5
Application Layer Protocol
Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Extra Window Memory Injection
NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture3
Ingress Tool Transfer
Traffic DuplicationData Destruction

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
https://www.central1.internationalpayments.com/geo/0%Avira URL Cloudsafe
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://www.central1.internationalpayments.com/geo/ng/dist/bootstrap.bundle.js?2025.03.200%Avira URL Cloudsafe
https://cdn.datatables.net/1.10.11/css/jquery.dataTables.min.css0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/geo-responsive.css?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/gpfi-login.css?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/angular-material.bundle.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/ext/print.min.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/print.min.css?2025.03.200%Avira URL Cloudsafe
https://cdn.quantummetric.com/qscripts/quantum-converagpfi.js0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/common-ext.bundle.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/moment.bundle.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/angular.bundle.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/styles.css?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/underscore.bundle.js?2025.03.200%Avira URL Cloudsafe
https://cdn.datatables.net/responsive/2.0.2/css/responsive.dataTables.min.css0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/partial/2e2d6b2b1436edf549b2gpfi-status-message-directive.html?v=2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/theme/images/login-background.jpg?0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/partial/011a0bd4e9c9b1089025loginForm.html?v=2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/css/reportPrint.css?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/css/angularPrint.css?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-partials-loginForm-html.bundle.js?ccff7d6f77cc84b0b7140%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/imgs/3faa3eef13649db02044.ttf0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/services/internationalisation/labels/en_US0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-loginFormCtrl.bundle.js?e28e7cecfc463b4146190%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/favicon.ico0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/partial/2f1f3b6ebae76309abb0login.html?v=2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/scripts/tiff.min.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/gpfi/app.bundle.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/services/internationalisation/messages/en_US0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/theme/images/_wlv_17700_15/login-logo.png0%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447018&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=1&Y=1&X=34353f34984640027d921ffce634aa35&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311451175&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=1486&N=12&P=2&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447913&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=1267&N=7&P=1&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447021&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&U=d076fe6be04a5f5db59f937ac60aecfa&Q=2&S=0&N=0&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311452163&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=612&N=1&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311446163&S=0&N=0&P=0&z=10%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/scripts/pdf.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-loginCtrl.bundle.js?52e20235c6a4aa3f866c0%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/jquery.bundle.js?2025.03.200%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/services/sync0%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311462106&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=1641&N=3&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311467037&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=2924&N=4&z=10%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/partial/79a7ff684338779cfb6crecoverUser.html?v=2025.03.200%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311456186&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=39173&N=64&P=3&z=10%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/theme/images/_wlv_17700_15/password-reset-logo.png0%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311457110&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=1517&N=2&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311466199&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=46298&N=181&P=5&z=10%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-partials-recoverUser-html.bundle.js?c0a85d4ab5754088de860%Avira URL Cloudsafe
https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-userRecoveryCtrl.bundle.js?9f38f50da808ab558cfd0%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311461196&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=42603&N=130&P=4&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311477014&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=7171&N=6&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311471200&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=65146&N=253&P=6&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311472058&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=4613&N=5&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311476205&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=86058&N=359&P=7&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311492047&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8651&N=8&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311486220&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=88854&N=387&P=8&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311491224&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=88935&N=389&P=9&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311487110&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8627&N=7&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311501251&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=90019&N=408&P=10&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311496237&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8674&N=9&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311502099&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8782&N=10&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311506252&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8805&N=11&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311536321&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8813&N=12&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311562240&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8820&N=13&z=10%Avira URL Cloudsafe
https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311561379&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=90437&N=417&P=11&z=10%Avira URL Cloudsafe
NameIPActiveMaliciousAntivirus DetectionReputation
cdn.datatables.net
104.26.9.123
truefalse
    high
    ingest.quantummetric.com
    35.239.157.205
    truefalse
      high
      cdn.quantummetric.com
      104.18.10.213
      truefalse
        unknown
        www.google.com
        172.217.18.4
        truefalse
          high
          d3el5v9s5lv5rg.cloudfront.net
          18.66.112.16
          truefalse
            unknown
            www.central1.internationalpayments.com
            unknown
            unknowntrue
              unknown
              NameMaliciousAntivirus DetectionReputation
              https://www.central1.internationalpayments.com/geo/ng/dist/partial/2e2d6b2b1436edf549b2gpfi-status-message-directive.html?v=2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-loginFormCtrl.bundle.js?e28e7cecfc463b414619false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311477014&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=7171&N=6&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311467037&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=2924&N=4&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/partial/011a0bd4e9c9b1089025loginForm.html?v=2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311536321&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8813&N=12&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311462106&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=1641&N=3&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/gpfi-login.css?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/angular-material.bundle.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://cdn.datatables.net/1.10.11/css/jquery.dataTables.min.cssfalse
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311501251&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=90019&N=408&P=10&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-partials-recoverUser-html.bundle.js?c0a85d4ab5754088de86false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/styles.css?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311492047&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8651&N=8&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-partials-loginForm-html.bundle.js?ccff7d6f77cc84b0b714false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/imgs/3faa3eef13649db02044.ttffalse
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311506252&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8805&N=11&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311562240&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8820&N=13&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311471200&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=65146&N=253&P=6&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311487110&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8627&N=7&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311466199&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=46298&N=181&P=5&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/theme/images/_wlv_17700_15/login-logo.pngfalse
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311457110&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=1517&N=2&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311461196&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=42603&N=130&P=4&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311446163&S=0&N=0&P=0&z=1false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311502099&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8782&N=10&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/scripts/pdf.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/jquery.bundle.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/underscore.bundle.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/services/syncfalse
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/theme/images/_wlv_17700_15/password-reset-logo.pngfalse
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-userRecoveryCtrl.bundle.js?9f38f50da808ab558cfdfalse
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/css/angularPrint.css?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/bootstrap.bundle.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/theme/images/login-background.jpg?false
              • Avira URL Cloud: safe
              unknown
              https://cdn.datatables.net/responsive/2.0.2/css/responsive.dataTables.min.cssfalse
              • Avira URL Cloud: safe
              unknown
              https://cdn.quantummetric.com/qscripts/quantum-converagpfi.jsfalse
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/css/reportPrint.css?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/partial/79a7ff684338779cfb6crecoverUser.html?v=2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/print.min.css?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/ext/print.min.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311561379&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=90437&N=417&P=11&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/services/internationalisation/labels/en_USfalse
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311486220&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=88854&N=387&P=8&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/angular.bundle.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/favicon.icofalse
              • Avira URL Cloud: safe
              unknown
              https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311472058&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=4613&N=5&z=1false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/ng/dist/common-ext.bundle.js?2025.03.20false
              • Avira URL Cloud: safe
              unknown
              https://www.central1.internationalpayments.com/geo/false
                unknown
                https://www.central1.internationalpayments.com/geo/ng/dist/scripts/tiff.min.js?2025.03.20false
                • Avira URL Cloud: safe
                unknown
                https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311456186&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=39173&N=64&P=3&z=1false
                • Avira URL Cloud: safe
                unknown
                https://www.central1.internationalpayments.com/geo/ng/dist/partial/2f1f3b6ebae76309abb0login.html?v=2025.03.20false
                • Avira URL Cloud: safe
                unknown
                https://www.central1.internationalpayments.com/geo/ng/dist/gpfi/app.bundle.js?2025.03.20false
                • Avira URL Cloud: safe
                unknown
                https://www.central1.internationalpayments.com/geo/services/internationalisation/messages/en_USfalse
                • Avira URL Cloud: safe
                unknown
                https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311451175&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=1486&N=12&P=2&z=1false
                • Avira URL Cloud: safe
                unknown
                https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447018&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=1&Y=1&X=34353f34984640027d921ffce634aa35&z=1false
                • Avira URL Cloud: safe
                unknown
                https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/geo-responsive.css?2025.03.20false
                • Avira URL Cloud: safe
                unknown
                https://www.central1.internationalpayments.com/geo/#!/true
                  unknown
                  https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311476205&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=86058&N=359&P=7&z=1false
                  • Avira URL Cloud: safe
                  unknown
                  https://www.central1.internationalpayments.com/geo/ng/dist/moment.bundle.js?2025.03.20false
                  • Avira URL Cloud: safe
                  unknown
                  https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447913&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=1267&N=7&P=1&z=1false
                  • Avira URL Cloud: safe
                  unknown
                  https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311452163&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=612&N=1&z=1false
                  • Avira URL Cloud: safe
                  unknown
                  https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311447021&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&U=d076fe6be04a5f5db59f937ac60aecfa&Q=2&S=0&N=0&z=1false
                  • Avira URL Cloud: safe
                  unknown
                  https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-loginCtrl.bundle.js?52e20235c6a4aa3f866cfalse
                  • Avira URL Cloud: safe
                  unknown
                  https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311491224&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&S=88935&N=389&P=9&z=1false
                  • Avira URL Cloud: safe
                  unknown
                  https://ingest.quantummetric.com/horizon/converagpfi?T=B&u=https%3A%2F%2Fwww.central1.internationalpayments.com%2Fgeo%2F%2F&t=1742311444640&v=1742311496237&H=1790d96798744745cbea68f5&s=f7fcbf3307f933e5b8865020128d82c1&Q=2&S=8674&N=9&z=1false
                  • Avira URL Cloud: safe
                  unknown
                  • No. of IPs < 25%
                  • 25% < No. of IPs < 50%
                  • 50% < No. of IPs < 75%
                  • 75% < No. of IPs
                  IPDomainCountryFlagASNASN NameMalicious
                  34.42.224.91
                  unknownUnited States
                  2686ATGS-MMD-ASUSfalse
                  1.1.1.1
                  unknownAustralia
                  13335CLOUDFLARENETUSfalse
                  35.239.157.205
                  ingest.quantummetric.comUnited States
                  15169GOOGLEUSfalse
                  18.66.112.16
                  d3el5v9s5lv5rg.cloudfront.netUnited States
                  3MIT-GATEWAYSUSfalse
                  142.250.186.174
                  unknownUnited States
                  15169GOOGLEUSfalse
                  104.18.10.213
                  cdn.quantummetric.comUnited States
                  13335CLOUDFLARENETUSfalse
                  172.217.18.4
                  www.google.comUnited States
                  15169GOOGLEUSfalse
                  172.217.18.3
                  unknownUnited States
                  15169GOOGLEUSfalse
                  142.250.185.106
                  unknownUnited States
                  15169GOOGLEUSfalse
                  216.58.206.35
                  unknownUnited States
                  15169GOOGLEUSfalse
                  104.26.9.123
                  cdn.datatables.netUnited States
                  13335CLOUDFLARENETUSfalse
                  64.233.167.84
                  unknownUnited States
                  15169GOOGLEUSfalse
                  18.66.112.93
                  unknownUnited States
                  3MIT-GATEWAYSUSfalse
                  142.250.186.110
                  unknownUnited States
                  15169GOOGLEUSfalse
                  35.224.156.207
                  unknownUnited States
                  15169GOOGLEUSfalse
                  142.250.74.195
                  unknownUnited States
                  15169GOOGLEUSfalse
                  142.250.184.202
                  unknownUnited States
                  15169GOOGLEUSfalse
                  IP
                  192.168.2.16
                  192.168.2.4
                  192.168.2.5
                  Joe Sandbox version:42.0.0 Malachite
                  Analysis ID:1641942
                  Start date and time:2025-03-18 16:23:26 +01:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:defaultwindowsinteractivecookbook.jbs
                  Sample URL:https://www.central1.internationalpayments.com/geo/
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:16
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:0
                  Technologies:
                  • EGA enabled
                  Analysis Mode:stream
                  Analysis stop reason:Timeout
                  Detection:MAL
                  Classification:mal48.phis.win@22/43@16/189
                  • Exclude process from analysis (whitelisted): svchost.exe
                  • Excluded IPs from analysis (whitelisted): 142.250.186.110, 216.58.206.35, 64.233.167.84, 142.250.186.174, 172.217.18.14, 216.58.206.78, 142.250.184.202, 142.250.184.238, 172.217.18.3, 142.250.186.46
                  • Excluded domains from analysis (whitelisted): fonts.googleapis.com, clients2.google.com, accounts.google.com, redirector.gvt1.com, fonts.gstatic.com, clientservices.googleapis.com, clients.l.google.com
                  • Not all processes where analyzed, report is missing behavior information
                  • Report size getting too big, too many NtOpenFile calls found.
                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                  • VT rate limit hit for: https://www.central1.internationalpayments.com/geo/
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with no line terminators
                  Category:downloaded
                  Size (bytes):16
                  Entropy (8bit):3.875
                  Encrypted:false
                  SSDEEP:
                  MD5:F7D59D3BE131AD16CC24D036112D9991
                  SHA1:635B8DB4843997BA0331C4C0EDDD2601F4F69698
                  SHA-256:57CCDE9F4BE6E3F510E37BEFB67BA272AB6D263980802EA18C18F3B78B3DAB32
                  SHA-512:1446489C33DA980A237731A984D9FD017475CC0BA4C022DE45571A1AD4F295860717712DB60E6EA3E1F79ABB0C8EB7F1B15C5FB05E436D170E94B8740DFBF595
                  Malicious:false
                  Reputation:unknown
                  URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIZCcEI65PHmUWcEgUNeG8SGSGunSC96FVEag==?alt=proto
                  Preview:CgkKBw14bxIZGgA=
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with no line terminators
                  Category:downloaded
                  Size (bytes):176
                  Entropy (8bit):5.280969171862482
                  Encrypted:false
                  SSDEEP:
                  MD5:EF3ED5BBB67EC6A86FAFF7BEC9CD24C3
                  SHA1:3395E2F2D1AA993348CB32D5884CC6D86ACA34E1
                  SHA-256:4B5215DFA3A4672CE6A5C3E8C4BA984617331D9CABCBC0530C6E0E0AEBC84BED
                  SHA-512:27515890C34631C1D7BBD531FC0D462C603B21B6B27E3C456812397D62011C4C61D20417B74E8E22A3A1E0DF7F2C8EB13731A694EB6E053CE2B1E663A5C8DC8D
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-partials-loginForm-html.bundle.js?ccff7d6f77cc84b0b714
                  Preview:"use strict";(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[9795],{37818:function(e,p,s){e.exports=s.p+"partial/011a0bd4e9c9b1089025loginForm.html"}}]);
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with no line terminators
                  Category:downloaded
                  Size (bytes):28
                  Entropy (8bit):4.235926350629033
                  Encrypted:false
                  SSDEEP:
                  MD5:715184499DBC85C863DA025C4E53CAE6
                  SHA1:42E832F74A4DF0B5EBD67F6CD08C5BAA6A3119D4
                  SHA-256:DB1D5F2ADE950F1EF0D26265F2516EB346D7B8A2C400B91C9E0811144571725A
                  SHA-512:1E645C08729737FB5EDC8F06DCD735B4D166ADC5FA34FF3EA7DA052FFEC008465119951CB55A473E129162F54901422FF43696EF32AE63F0F2934AF95EF5049C
                  Malicious:false
                  Reputation:unknown
                  URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCYkAasV_ubw6EgUNfx-dBRIFDT2ZFGshbPfQD6bIooQ=?alt=proto
                  Preview:ChIKBw1/H50FGgAKBw09mRRrGgA=
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (3210)
                  Category:downloaded
                  Size (bytes):271354
                  Entropy (8bit):5.5420642429670615
                  Encrypted:false
                  SSDEEP:
                  MD5:4E5E43BFFD63AFDC0A17C3A02B51C7DD
                  SHA1:6FF7A635B67D5D89DF55A6E820EE69F575926C09
                  SHA-256:7184BA5289788DD9343793E7D1BC17FE9D3DB8EF8811D89E8E2CBA797CE8FBD2
                  SHA-512:0F8F158B4F343E437872ACF1BB7E55871D1D6F07C9D701B906486E7E16224AAE9248385E2C4789BD20AEDFA742E623E9808825645262963D96E2783D0686E5C7
                  Malicious:false
                  Reputation:unknown
                  URL:https://cdn.quantummetric.com/qscripts/quantum-converagpfi.js
                  Preview:/* Copyright 2015-2025 Quantum Metric, Inc. All rights reserved. For US patents see https://www.quantummetric.com/legal/patents/. For EULA see https://www.quantummetric.com/legal/eula t3 9a06359ae8ff5164a4cf1eec982bc68cd327b19e */.(function() {.var setInterval = window['__zone_symbol__setInterval'] || window.setInterval;.var clearInterval = window['__zone_symbol__clearInterval'] || window.clearInterval;.var setTimeout = window['__zone_symbol__setTimeout'] || window.setTimeout;.var console = window['console'];.var clearTimeout = window['__zone_symbol__clearTimeout'] || window.clearTimeout;.var MutationObserver = window['__zone_symbol__MutationObserver'] || window.MutationObserver;.var queueMicrotask = window['__zone_symbol__queueMicrotask'] || window.queueMicrotask;.var Promise = window['__zone_symbol__Promise'] || window.Promise; 'use strict';function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}function ba(a){a=["object"==typeof globalThis&&globa
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (10094), with no line terminators
                  Category:downloaded
                  Size (bytes):10094
                  Entropy (8bit):5.615828853097872
                  Encrypted:false
                  SSDEEP:
                  MD5:850C567968BBBD01F9D347404E8C01A8
                  SHA1:0B4C5B3E674DE4EE9672ED63E93647D47D6895D0
                  SHA-256:5C43ACA8BBE848F8C65099954B3D9626B132059C7D41D47B3A7D00BFC2FD00CA
                  SHA-512:436185BDBAA5788D7930F7A50AEB024A5647964005C267C3569402FB6AEAC0CFB08C0F5BB24114C4744A7F19015860A0F9E461626774A02DFC63BDE344362075
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-loginCtrl.bundle.js?52e20235c6a4aa3f866c
                  Preview:(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[1713,8913,2673,4011,3077],{91718:function(e,o,r){var t,n,i=r(74692);t=[r(7025),r(95778),r(5243),r(95767)],void 0===(n=function(e,o){o.lazy.controller("loginCtrl",["$scope","gpfiMessage","$resource","$http","$q","$rootScope","LoginResponseService","AuthenticationService","BackGroundImage","AuthState","CopyRightUtil","$cookies","$filter","$window",function(e,o,r,t,n,u,a,s,l,E,T,c,S,p){u.gpfiInitialised=!0,T.displayLoginPageCopyrightWidget(),e.AUTH_STATES=E.STATES,e.currentState=function(){return E.CURRENT_STATE},e.loginLogo=GPFI_CONTEXT+"/theme/images/"+WL_VERSION+"/login-logo.png",e.isTFAState=function(){return E.CURRENT_STATE===E.STATES.TFA||E.CURRENT_STATE===E.STATES.CHANGE_PIN},e.isAuthyReg=function(){return E.CURRENT_STATE===E.STATES.TWOFA_REG||E.CURRENT_STATE===E.STATES.INPUT_NUMBER||E.CURRENT_STATE===E.STATES.INPUT_NUMBER_APP||E.CURRENT_STATE===E.STATES.INPUT_CODE||E.CURRENT_STATE===E.STATES.AUTHY_SUCCESS};var
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (1171), with no line terminators
                  Category:downloaded
                  Size (bytes):1171
                  Entropy (8bit):4.906491850119582
                  Encrypted:false
                  SSDEEP:
                  MD5:93A66E3D38DB407AE7055FD89269956B
                  SHA1:5357C7B1EDC8471AA27757E0B30ECF3DC7D07519
                  SHA-256:5B48F8AE6C2367BC5A22BE7316D0D0051069BB881CEBD0784F9A96012EC3FC70
                  SHA-512:B9349157BE30BB4EE0FC38386F8F66B42F160C5E1E22E1031388A35DF863809B3D7FF121E14F1967271BD75C2FFDC855527CCB713949AAC6936F0326FC20B387
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/print.min.css?2025.03.20
                  Preview:.printModal{font-family:sans-serif;display:flex;text-align:center;font-weight:300;font-size:30px;left:0;top:0;position:absolute;color:#0460b5;width:100%;height:100%;background-color:rgba(255,255,255,.91)}.printClose{position:absolute;right:10px;top:10px}.printClose:before{content:"\00D7";font-family:"Helvetica Neue",sans-serif;font-weight:100;line-height:1px;padding-top:.5em;display:block;font-size:2em;text-indent:1px;overflow:hidden;height:1.25em;width:1.25em;text-align:center;cursor:pointer}.printSpinner{margin-top:3px;margin-left:-40px;position:absolute;display:inline-block;width:25px;height:25px;border:2px solid #0460b5;border-radius:50%;animation:spin .75s infinite linear}.printSpinner::after,.printSpinner::before{left:-2px;top:-2px;display:none;position:absolute;content:'';width:inherit;height:inherit;border:inherit;border-radius:inherit}.printSpinner,.printSpinner::after,.printSpinner::before{display:inline-block;border-color:transparent;border-top-color:#0460b5;animation-durati
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with no line terminators
                  Category:downloaded
                  Size (bytes):178
                  Entropy (8bit):5.1879147507277965
                  Encrypted:false
                  SSDEEP:
                  MD5:F07F1D9F14946B9591D9C2B9F98C2315
                  SHA1:401D7ED86379EEDF0F9077BD06F7A62BAF84AACE
                  SHA-256:6D25603C0D2C1B0F1894BFC7671FE3828F78AA61545CBBFF214A4EFEB62E9CE9
                  SHA-512:98BB93DC17CC49C408291E114A0B50F3B9663D348C5F0C215C423520693D7A11402B0DB04D8E67C2DF355507143BA663C7B43DDC4F2CE5056390C7CA0892367D
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-partials-recoverUser-html.bundle.js?c0a85d4ab5754088de86
                  Preview:"use strict";(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[2247],{86770:function(e,c,s){e.exports=s.p+"partial/79a7ff684338779cfb6crecoverUser.html"}}]);
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:downloaded
                  Size (bytes):650
                  Entropy (8bit):4.20915992901598
                  Encrypted:false
                  SSDEEP:
                  MD5:95FF8AE2C64A677396AA952E102665D9
                  SHA1:22C297B180BFEAFF2C705BF60D4A258CEF1E05D4
                  SHA-256:741B1023FA0C288C3EA57CCCC20D7DF474F0C57BF564A5832B37A80C4C0E890F
                  SHA-512:6A74A6C0ACEF9F540326EA9E4DC864DB08E971AE67D981255F33C9B7EBEB6B4D221522CF86C3EED428160E3FADA927B3B064A075F16CFCC9BA05E4261E67B33F
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/css/angularPrint.css?2025.03.20
                  Preview:@media screen{. .printOnly{. display:none;. }.}.@media print {. td div{. page-break-inside:avoid;. }. thead {. display: table-header-group;. }. .noPrintMargin{. margin:0px !important;. padding:0px !important;. }. @page { margin:0cm }. @page :first {. margin-top:0cm;. }. @page :left {. margin-left:0cm;. margin-right:0cm;. }. @page :right {. margin-left:0cm;. margin-right:0cm;. }. .beneHide{. display: block;. height: 100% !important;. }.. .printableArea .tblBreakWords td{. word-break: normal !important;. }.}.
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:downloaded
                  Size (bytes):3249
                  Entropy (8bit):5.516970334308233
                  Encrypted:false
                  SSDEEP:
                  MD5:3E77A40B73341C6A18B6E62A1314FC76
                  SHA1:E2ABE3783845C0B71037A2EC1D0691D95545BEF9
                  SHA-256:4FDB2672F158898E3A13526C6799303A130BD428E5DD361B7DC170D0AF866B10
                  SHA-512:5B7CE8624EFF984D573E56F2FDD5B89E8FF2006109837B250DB5AA91345D1DD9A22AAC2D8436EC0AA35E3DD2168C6F840DCA02F443548A86B3E3E2EAF0A157E2
                  Malicious:false
                  Reputation:unknown
                  URL:https://fonts.googleapis.com/css2?family=Noto+Sans&display=swap
                  Preview:/* cyrillic-ext */.@font-face {. font-family: 'Noto Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/notosans/v39/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9X6VLKzA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Noto Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/notosans/v39/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9e6VLKzA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* devanagari */.@font-face {. font-family: 'Noto Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. font-display: swap;. src: url(https://fonts.gstatic.com/s/notosans/v39/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9b6VLKzA.woff2) fo
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (65536), with no line terminators
                  Category:downloaded
                  Size (bytes):343031
                  Entropy (8bit):5.511801640016591
                  Encrypted:false
                  SSDEEP:
                  MD5:A20FEE7F327252EA25F8A6893F014980
                  SHA1:418C77053C69336D0FA46C141DF5B99791018121
                  SHA-256:FB8ACA66BAB2C2D6E212360B369D1DF86BB258C1C44051E021061AD98E36B39B
                  SHA-512:543889950850E3C5D56CD6464E45034AEB004EB4A5503D76CEA3198A3CC86C74F8157CDA8165E1227CFEF9DC8F44045170B19E5B4B90C7625115F28C1F0B95B1
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/gpfi/app.bundle.js?2025.03.20
                  Preview:(function(){var __webpack_modules__={25477:function(e,t,r){var i={"./auth/controllers/authyRegController":[86256,7,5672,7248],"./auth/controllers/authyRegController.js":[86256,7,5672,7248],"./auth/controllers/loginCtrl":[91718,7,1713],"./auth/controllers/loginCtrl.js":[91718,7,1713],"./auth/controllers/loginFormCtrl":[6083,7,4519],"./auth/controllers/loginFormCtrl.js":[6083,7,4519],"./auth/controllers/missingUserDetailsCtrl":[32951,7,5672,1233],"./auth/controllers/missingUserDetailsCtrl.js":[32951,7,5672,1233],"./auth/controllers/passwordChangeCtrl":[48605,7,5672,7387],"./auth/controllers/passwordChangeCtrl.js":[48605,7,5672,7387],"./auth/controllers/securityQuestionCtrl":[28098,7,9162],"./auth/controllers/securityQuestionCtrl.js":[28098,7,9162],"./auth/controllers/serviceWindowCtrl":[73103,7,5283],"./auth/controllers/serviceWindowCtrl.js":[73103,7,5283],"./auth/controllers/tcCtrl":[20637,7,9019],"./auth/controllers/tcCtrl.js":[20637,7,9019],"./auth/controllers/tfaController":[50448,7,
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (35680)
                  Category:dropped
                  Size (bytes):485575
                  Entropy (8bit):5.137629423842146
                  Encrypted:false
                  SSDEEP:
                  MD5:DA71BB492ABDD28148746A677DA79539
                  SHA1:AD5D3FD292531C84744F9D408A60469C5B974DDD
                  SHA-256:449F492143297848E5396F646179087F6C34D0A774ABA681F26D342482241570
                  SHA-512:2E16A78859B53315683FD329560F0EF04E8E956D094884F74E9971525976A2568C96173ACFCBE2A7027736328B62BBC90B44D4596CD09963DB2524C1C5607A00
                  Malicious:false
                  Reputation:unknown
                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?><localeDictionaryView><localeId>en_US</localeId><dictionaryMap><entry><key>fxOrBaseAmountRequired</key><value>At least one of the FX or base amount is mandatory.</value></entry><entry><key>overrideFormErrors</key><value>Our account verification process indicates your entered data might be incorrect. Please review and correct any errors. If the details are correct, select "Ignore Errors" to continue. Ignoring errors may cause your payment to be delayed for manual review.</value></entry><entry><key>BENE_ERR_MWI_MWK_MANUAL_ENTRY_BANK_CITY</key><value>Please enter the City for the Bank of the Beneficiary.</value></entry><entry><key>AUDIT_CHANGE_OWN_PASSWORD_User</key><value>User has changed own password.</value></entry><entry><key>draftToBeneficiaryChangeWarningMessage</key><value>The change may update client and child client's 'Draft to Beneficiary' setting.</value></entry><entry><key>BENE_ERR_LTU_LTL_BANK_ROUTING_CODE</key><value>Ple
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Unicode text, UTF-8 text, with very long lines (64737)
                  Category:downloaded
                  Size (bytes):214675
                  Entropy (8bit):5.361464610567376
                  Encrypted:false
                  SSDEEP:
                  MD5:2C622B266A6268765616D6C681D24E18
                  SHA1:9B618DA83EE05C255EECA7687D540982EECF6A49
                  SHA-256:2DC37BF5499F79C549F161230209DD8D9DBD6FE7769DFE2DF8525DEA92AB946D
                  SHA-512:67C0AAA1FA4872724DF347DE4B6B9C733FA95D6819CDE2B10EC0CD303FDD27AF7DEFF2D2458F96E0D984B7D69CC11F86B7D38737492423509389A9C2C28A9C8D
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/scripts/pdf.js?2025.03.20
                  Preview:/**. * @licstart The following is the entire license notice for the. * Javascript code in this page. *. * Copyright 2020 Mozilla Foundation. *. * Licensed under the Apache License, Version 2.0 (the "License");. * you may not use this file except in compliance with the License.. * You may obtain a copy of the License at. *. * http://www.apache.org/licenses/LICENSE-2.0. *. * Unless required by applicable law or agreed to in writing, software. * distributed under the License is distributed on an "AS IS" BASIS,. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.. * See the License for the specific language governing permissions and. * limitations under the License.. *. * @licend The above is the entire license notice for the. * Javascript code in this page. */.!function webpackUniversalModuleDefinition(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define("pdfjs-dist/build/pdf",[],t):"object"==type
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (542)
                  Category:downloaded
                  Size (bytes):1572832
                  Entropy (8bit):5.222522800972816
                  Encrypted:false
                  SSDEEP:
                  MD5:3B143031BD29C248F05474D56FE32A21
                  SHA1:EFD5BF6E941077E4E948FB3F03D1A12B776DD3DF
                  SHA-256:FE5708A4B863A87462D60C9056648B3A2BFDE282B2372F7544B4DC2A968984C5
                  SHA-512:3168F69C1F838BAD06740E1AA968E58F705F1C759127A91D5833FA26FF00ED3D1CC61F35FD25484E0E442CC85D61A69AAFBF3E0B93C40721C882C69DE920F48B
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/scripts/tiff.min.js?2025.03.20
                  Preview:.(function() {/*.. ----. tiff.js: https://github.com/seikichi/tiff.js.. Copyright (C) 2013 seikichi[at]kmc.gr.jp.. This software is provided 'as-is', without any express or implied. warranty. In no event will the authors be held liable for any damages. arising from the use of this software... Permission is granted to anyone to use this software for any purpose,. including commercial applications, and to alter it and redistribute it. freely, subject to the following restrictions:.. 1. The origin of this software must not be misrepresented; you must not. claim that you wrote the original software. If you use this software. in a product, an acknowledgment in the product documentation would be. appreciated but is not required... 2. Altered source versions must be plainly marked as such, and must not be. misrepresented as being the original software... 3. This notice may not be removed or altered from any source. distribution.. ----. zlib: http://www.zl
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (2376), with no line terminators
                  Category:dropped
                  Size (bytes):2376
                  Entropy (8bit):4.998045606265048
                  Encrypted:false
                  SSDEEP:
                  MD5:FEE1CE58EB110B0C9407FB04C9727F37
                  SHA1:D7D1128FEDBA7EAA46F80C34D7BA231ACEB05043
                  SHA-256:D2A1362B09A3053965122C54370954F7F36E92702B698E3238237F856FA47C31
                  SHA-512:325038D95451FF389DCE0BD0337BB868648FA6F27D32810F691494CF23CBB477F7DCB28663D75DF09C48356EFD0B0952E28BC1AAA0F523EBBC2A0DDE1A76C8F9
                  Malicious:false
                  Reputation:unknown
                  Preview:<div class="page-container container" ng-hide="isEmbeddedApp" gpfi-spinner full-screen="true"> <div class="col-md-12 col-sm-12 col-xs-12"> <gpfi-message></gpfi-message> <gpfi-message module="login"></gpfi-message> </div> <div class="col-md-12"> <div class="col-md-12 header-placeholder"></div> <div class="col-md-12 header-description-placeholder"></div> </div> <div class="col-md-12 col-sm-12 col-xs-12"> <gpfi-include template-src="auth/partials/loginForm.html" ng-if="currentState() === AUTH_STATES.LOGIN_PAGE" controller-src="auth/controllers/loginFormCtrl" controller="loginFormCtrl as formCtrl"></gpfi-include> <gpfi-include template-src="auth/partials/termsAndConditions.html" ng-if="currentState() === AUTH_STATES.TANDC" controller-src="auth/controllers/tcCtrl" controller="tcCtrl as tcCtrl"></gpfi-include> <gpfi-include template-src="auth/partials/passwordChange.html" ng-if="currentState() === AUTH_STATES.PWORD_CHANGE" controller-src="auth/controllers/passwordChangeCtrl" controller="pass
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Unicode text, UTF-8 text
                  Category:downloaded
                  Size (bytes):12432
                  Entropy (8bit):5.202625821488905
                  Encrypted:false
                  SSDEEP:
                  MD5:219E73F397999E74305575033DBC56F5
                  SHA1:D6825E1FADFAA9A2878E83E0CBB1073C2B9E2A6B
                  SHA-256:6261BC1C28969E1CB0FCDF9115CB932FB45EB2E9FB18E05D1D7E9886675BA1DD
                  SHA-512:FA18AB6F7CAB15003836506718A059D64112DC42F85FF2504552D6D6F531AB6B58A81615883B3B3742116D5C155BA60C409B1790A4CD1626667791098DA5B68C
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/geo-responsive.css?2025.03.20
                  Preview:/* 002_1 */..gpfiMasterContainer.loginPage{. background: #dfdfdf;.}..gpfiMasterContainer{. background: #DFDFDF;.}./* 002_3 */..login-panel .form-group a{. color: #38a4d8;.}./* 002_4 */..login-panel .well{. background: #1f79e1;. color: #FFFFFF;.}./* 002_6 */..login-panel .panel-heading{. background: rgba(31, 121, 225, 1.00);.}./* 002_5 */./* 001_5 */..login-panel{. background-color: rgba(255, 255, 255, 1.00);.}...login-panel.panel-authy .col-tfa-step, .login-panel.panel-authy .col-tfa-description, .login-panel.panel-authy h4, .login-panel.panel-authy .pb6.pl15.pt10, .login-panel.panel-authy .col-tfa-option {. color: #3d4040.}../* 003_1 */..navbar{. background-color: #ffffff;.}./* 003_2 */..navbar .headerBar>li>a{. color: #29487f;.}..headerBar li a.active span{. border-bottom: 2px solid #2079e2;.}..navbar .headerBar>li>a:hover{. color: #1f79e1;.}..navbar-inverse .navbar-toggle .icon-bar{. background-color: #29487f;.}..navbar .glyphicon-option-vert
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:downloaded
                  Size (bytes):15096
                  Entropy (8bit):5.434547066640096
                  Encrypted:false
                  SSDEEP:
                  MD5:7104E5805DB8AAE74FBB855024BE7B38
                  SHA1:4406F855E682ADAE1F657D0A307F32F088994CB6
                  SHA-256:12B62B13552133E5D6173EF9C99C90100BDD5FEE55A64385F78FB911D87AF908
                  SHA-512:A8CDAC8B87F54AB3DBE134132555C45F9C528F96DE7A210E878C34F46E1D9F7060E006C8D461527ABE13952BC7F7611232B4B2D51894C0EE54E1AA85AA940420
                  Malicious:false
                  Reputation:unknown
                  URL:https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800;900&display=swap
                  Preview:/* cyrillic-ext */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 200;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WRhyzbi.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 200;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 200;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:downloaded
                  Size (bytes):1976
                  Entropy (8bit):5.4613425718577
                  Encrypted:false
                  SSDEEP:
                  MD5:96B896D08CD6D2BB8EE78736BAD40318
                  SHA1:B77262E5F0B913D94874B0DB2BA7CA71FA5EAC63
                  SHA-256:3462AA6B1F77DAA3958D92CA5EA55F0B71795BA8862AB3B274281CFC29729B1A
                  SHA-512:BD0B2D89157AC919B10A073B60402C076C7BDAE73A99E438E0B3DC8F9558C446E32AD5EEF2B695EE0F7451159D30C9917CBB95618B565F77F9452ECF2E5E72A0
                  Malicious:false
                  Reputation:unknown
                  URL:https://fonts.googleapis.com/css2?family=Montserrat&display=swap
                  Preview:/* cyrillic-ext */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw0aXpsog.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw9aXpsog.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* vietnamese */.@font-face {. font-family: 'Montserrat';. font-style: normal;. font-weight: 400;. font-display: swap;. src: url(https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw2aXpsog.woff2) format('woff2');. unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-0
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (10632), with no line terminators
                  Category:downloaded
                  Size (bytes):10632
                  Entropy (8bit):5.233713765072181
                  Encrypted:false
                  SSDEEP:
                  MD5:A3962B035A31D249FBDA80F433354625
                  SHA1:01CE91FA9BE7D3D7C21E5259ECE2107FA97B35CC
                  SHA-256:E77B094567CB857780962DC617EAB31659434C657ADE0B57C416B922365BA8F3
                  SHA-512:FAB7EBE04C60672173ADF74CFA96B377E3574F53244BDDECF43F9E71233A2818BB4F245ACDDBAFBBE3BD3A822796BD776534E85157667F9936DC9FD572D9919C
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/ext/print.min.js?2025.03.20
                  Preview:!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define("print-js",[],t):"object"==typeof exports?exports["print-js"]=t():e["print-js"]=t()}(this,function(){return function(e){function t(i){if(n[i])return n[i].exports;var o=n[i]={i:i,l:!1,exports:{}};return e[i].call(o.exports,o,o.exports,t),o.l=!0,o.exports}var n={};return t.m=e,t.c=n,t.i=function(e){return e},t.d=function(e,n,i){t.o(e,n)||Object.defineProperty(e,n,{configurable:!1,enumerable:!0,get:i})},t.n=function(e){var n=e&&e.__esModule?function(){return e.default}:function(){return e};return t.d(n,"a",n),n},t.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},t.p="./",t(t.s=10)}([function(e,t,n){"use strict";function i(e,t){if(e.focus(),r.a.isEdge()||r.a.isIE())try{e.contentWindow.document.execCommand("print",!1,null)}catch(t){e.contentWindow.print()}r.a.isIE()||r.a.isEdge()||e.contentWindow.print(),r.a.isIE()&&"pdf"===t.type&&setTimeout(func
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (3885)
                  Category:downloaded
                  Size (bytes):3886
                  Entropy (8bit):4.894774910721869
                  Encrypted:false
                  SSDEEP:
                  MD5:54832A13BE0375327DFCF800E939905E
                  SHA1:CC5E9FDD284E0AFE3662E7A82DC3686106142BDC
                  SHA-256:59C9DB0D99772F564E982D6E83108FEF4FDB634C81087AE0A7C2539B2FECF9B6
                  SHA-512:73680332F9AD58907B9E28996371F75F840814FA5F0D358F9067D0D903D1515BBF1B15964A3017FE1EDD5D44830B42908CD474419BB3E94072303BEBB41ED460
                  Malicious:false
                  Reputation:unknown
                  URL:https://cdn.datatables.net/responsive/2.0.2/css/responsive.dataTables.min.css
                  Preview:table.dataTable.dtr-inline.collapsed>tbody>tr>td.child,table.dataTable.dtr-inline.collapsed>tbody>tr>th.child,table.dataTable.dtr-inline.collapsed>tbody>tr>td.dataTables_empty{cursor:default !important}table.dataTable.dtr-inline.collapsed>tbody>tr>td.child:before,table.dataTable.dtr-inline.collapsed>tbody>tr>th.child:before,table.dataTable.dtr-inline.collapsed>tbody>tr>td.dataTables_empty:before{display:none !important}table.dataTable.dtr-inline.collapsed>tbody>tr>td:first-child,table.dataTable.dtr-inline.collapsed>tbody>tr>th:first-child{position:relative;padding-left:30px;cursor:pointer}table.dataTable.dtr-inline.collapsed>tbody>tr>td:first-child:before,table.dataTable.dtr-inline.collapsed>tbody>tr>th:first-child:before{top:8px;left:4px;height:16px;width:16px;display:block;position:absolute;color:white;border:2px solid white;border-radius:16px;box-shadow:0 0 3px #444;box-sizing:content-box;text-align:left;font-family:'Courier New', Courier, monospace;text-indent:4px;line-height:16px;
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (65465)
                  Category:downloaded
                  Size (bytes):85425
                  Entropy (8bit):5.281331619038978
                  Encrypted:false
                  SSDEEP:
                  MD5:26EBEF5E429517813A71270D517975B0
                  SHA1:D388A6C438E111837468A09252C962A91365BD2C
                  SHA-256:D9CA362E441C152F8C7BDB5AFB67B0A3399A19800765B0C2F29B89E8543F76D7
                  SHA-512:E8E4BB4E0BA85B5439862763821D86446391B351BB07F11BDFC43A95612825EB5E78B0F1562CA2D4E73F34A5367E86CA4FEEA3C135C3DA0AC8AD5DAE30C53039
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/jquery.bundle.js?2025.03.20
                  Preview:/*! For license information please see jquery.bundle.js.LICENSE.txt */.(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[8881],{74692:function(e,t){var n,r,i;r="undefined"!=typeof window?window:this,i=function(r,i){var o=[],s=r.document,a=o.slice,u=o.concat,l=o.push,c=o.indexOf,f={},p=f.toString,d=f.hasOwnProperty,h={},g="2.2.4",v=function(e,t){return new v.fn.init(e,t)},m=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,y=/^-ms-/,x=/-([\da-z])/gi,b=function(e,t){return t.toUpperCase()};function w(e){var t=!!e&&"length"in e&&e.length,n=v.type(e);return"function"!==n&&!v.isWindow(e)&&("array"===n||0===t||"number"==typeof t&&t>0&&t-1 in e)}v.fn=v.prototype={jquery:g,constructor:v,selector:"",length:0,toArray:function(){return a.call(this)},get:function(e){return null!=e?e<0?this[e+this.length]:this[e]:a.call(this)},pushStack:function(e){var t=v.merge(this.constructor(),e);return t.prevObject=this,t.context=this.context,t},each:function(e){return v.each(this,e)},map:function(e){r
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:JSON data
                  Category:downloaded
                  Size (bytes):572920
                  Entropy (8bit):5.354863863384711
                  Encrypted:false
                  SSDEEP:
                  MD5:5CFC2708677B2A7668DE13A4FA33466A
                  SHA1:912538D0FA6126D3DEBC36059E7476818F67FF48
                  SHA-256:23EE9BD136BC7F677F48260BC4A30881BD4F62E177871C6DEADA860F62B75C17
                  SHA-512:13061D0BE8F9409241ADD5D62D9B92AE1CA9A0B22934741E2BE1837584F34EEBAA1B3AE11168A76D3A9B9526ADF49A27CD147C689EAF60CA438D9EB580A5A5B6
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/services/internationalisation/labels/en_US
                  Preview:{"localeId":"en_US","dictionaryMap":{"REM_TYPE.CLIENT.1000001549.Non_Trade":"Non Trade","cancel":"Cancel","ORDER_RECALLED":"Recalled","rtdp_only":"ONLY","opsDescription":"The below listed criteria apply to all clients that are enabled for Refunds. If any refund criteria set is met, Refund Request will be initiated as a 'Wire Refund' instead of 'Refund to Source'.","customField5_RAKUTEN_ORDER_TWN":"Taiwan","upload":"Upload","REM_PURP.CLIENT.1000026521.Non_Trade.Travel_Related_Services":"Travel Related Services","KPI_FAILED_LOGON":"KPI Failed Login Report","CUSTOMER_remitterId":"Customer ID","REM_PURP.CLIENT.1000001497.Non_Trade.Advertising_Fees":"Advertising Fees","REM_PURP.CLIENT.1000001345.Non_Trade.Advertising_Fees":"Advertising Fees","manageBeneficiaryLabel":"Beneficiaries","Payment.FIELD.incomingRate":"Payment Incoming Rate","REM_PURP.CLIENT.1000001817.Non_Trade.Legal_Services":"Legal Services","beneficiarySearchLabel":"Search Beneficiary","clientSetting_enableSecurityChallenge":"E
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (2151), with no line terminators
                  Category:downloaded
                  Size (bytes):2151
                  Entropy (8bit):4.932895772334725
                  Encrypted:false
                  SSDEEP:
                  MD5:0192A8150D4BE4F3AA3E942FD976157D
                  SHA1:84DEF16572D15006DF52A441899C02EDC038D07D
                  SHA-256:AC799E4921E0D368A01E9C27D4CB1CD3E5A8C95D40BFECAFDB986E1341F6BACA
                  SHA-512:69143E92B0656C3C1E9122800AB9D51C4343913EA5BA93624964B7889E9C28F21DFBD6922B0D538C14D0E2046477743CE650DB721BDEB017DCB2B0E0102CA8BB
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/partial/79a7ff684338779cfb6crecoverUser.html?v=2025.03.20
                  Preview:<div class="col-md-4 header-left-placeholder"></div> <div class="col-md-4"> <div class="panel login-panel"> <div class="panel-heading bg-logo"> <div class="text-center p10"> <div class="display-inline-block"> <img class="geo_resp_logo login_logo" ng-src="{{userRecoveryCtrl.passwordResetLogo}}"/> </div> </div> </div> <div class="panel-body"> <div id="recoverLoginCredentials" class="col-md-12 p20 p-sm-10"> <form name="userRecoveryCtrl.recoverUserForm" class="login_form" novalidate> <div class="text-center text-white"> <label class="well well-sm bg-trans-dark" translate>{{instructionMessage}}</label> </div> <div ng-if="recoveryFormState === FORM_STATE.INIT" class="row"> <div class="col-md-12 col-sm-12 col-xs-12" ng-if="recoverPassword"> <div class="form-group" gpfi-validate-field="userRecoveryCtrl.validations.userId" gpfi-error-method="userRecoveryCtrl.getError"> <label class="control-label text-bold" translate>userId</label> <span style="font-size:11px" translate>userIdIsCaseSensitive</s
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (54770)
                  Category:downloaded
                  Size (bytes):841203
                  Entropy (8bit):5.158757719730598
                  Encrypted:false
                  SSDEEP:
                  MD5:CCB8AF3B45F2CF44C07428FDC61BBFDB
                  SHA1:A50A9B6C831211635CFF87C231BF77BCC50CBAE0
                  SHA-256:706249A73C9B059D6ED6289B32084931936A3ED1BFE1630F63115A536D8FC922
                  SHA-512:3EDAADBE81D1CFC873C2B40D884F74AC8663EFE88C049C4FED1AAC7F70B6B902861CFB3A619A4E09B93FB264E003425353583E2A9780A5B3F1BC213DA146D9D7
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/styles.css?2025.03.20
                  Preview:@import url(https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800;900&display=swap);./*!. * Datetimepicker for Bootstrap 3. * ! version : 4.7.14. * https://github.com/Eonasdan/bootstrap-datetimepicker/. */.@font-face {. font-family: 'NotoSans';. src: url(/geo/ng/dist/imgs/4a2324b5d2997bf513b1.ttf) format('truetype'),. url(/geo/ng/dist/imgs/b5f46cb2b5ce5048ba33.ttf) format('truetype'),. url(/geo/ng/dist/imgs/23e70cfbbe0783c66804.ttf) format('truetype'),. url(/geo/ng/dist/imgs/a81ad28a2309c7b6860b.ttf) format('truetype'),. url(/geo/ng/dist/imgs/a4dc753f55a7591fa2d1.ttf) format('truetype'),. url(/geo/ng/dist/imgs/bc520f2095f1b2494aba.ttf) format('truetype'),. url(/geo/ng/dist/imgs/73c9131923338c4f3cd4.ttf) format('truetype'),. url(/geo/ng/dist/imgs/0d7df33224dfbecd5627.ttf) format('truetype'),. url(/geo/ng/dist/imgs/02294dd982a747d223ad.ttf) format('truetype'),. url(/geo/ng/dist/imgs/2cfb54d923b32fbd5525.ttf) format('truetype'),. url(/geo/ng/dist
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:HTML document, ASCII text
                  Category:downloaded
                  Size (bytes):209
                  Entropy (8bit):5.143049113812332
                  Encrypted:false
                  SSDEEP:
                  MD5:18FFB59B61525F781CF9251045BE575D
                  SHA1:BD7318B00B15B7A1C8A48524419FA2E5C27A5B6D
                  SHA-256:B6682CAB65D3243B5B75EFB7279DBF49491957484780F2BA0A87632CC0E25642
                  SHA-512:A032F853ABD9492232E1183D1CB1D14110B623F2E9DEC56B7B64DD576A0317DDA8D51125763E11D6642433C5364B2BD10A994EE4F1514629A4950BBAB3ABA499
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/favicon.ico
                  Preview:<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>404 Not Found</title>.</head><body>.<h1>Not Found</h1>.<p>The requested URL /favicon.ico was not found on this server.</p>.</body></html>.
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:downloaded
                  Size (bytes):779
                  Entropy (8bit):4.695527104021905
                  Encrypted:false
                  SSDEEP:
                  MD5:F1707A3512CC48D983C308932F4462A8
                  SHA1:6988427E919DC0FCB5830701AEA0CB4D5F08CDA4
                  SHA-256:6614935D49C6B581DEC668DDD3C27F02CA9182EF0EF53442BC34B86DD85FD6C5
                  SHA-512:973AF54290D3F62F9C6666237B9E0AE9A8830F36D6A888B9F73EDED6FFCD9C36FC2C75390C5080CB55EB294BFB37F816AD1FADEBDC554F0E2BA6FB904A24DE61
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/theme/ng/css/_wlv_17700_15/gpfi-login.css?2025.03.20
                  Preview:.bg-gray {. background: #dfdfdf.}..bg-image {. /*background: url(../../img/bg.jpg);*/. background-repeat: no-repeat;. background-size: cover;. background-position: 50% 50%.}..bg-image .login-panel {. background: rgba(0, 0, 0, 0.6);. color: #fff.}...bg-image .login-panel .bg-logo {. background: none;. padding-bottom: 0;. padding-top: 20px.}...bg-image .login-panel .bg-logo .p10 {. padding-bottom: 0.}...bg-image .login-panel .form-group .control-label {. color: #fff.}...bg-image .login-panel .form-group .control-label {. color: #fff.}...bg-image .login-panel a {. color: #ffde04;.}...bg-image .login-panel .well {. background: rgba(85,85,85,0.7);. border:none;.}...bg-image .login-panel .msg-error {. color:red !important;.}
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with no line terminators
                  Category:downloaded
                  Size (bytes):28
                  Entropy (8bit):4.09306920777189
                  Encrypted:false
                  SSDEEP:
                  MD5:0A076DAA072F8850731110FD3C5FEAA9
                  SHA1:12F051E726098E1BCA77E7502163B530B92169FF
                  SHA-256:1E8DB1995C46D56757F715A58D4B9742AD747E21A3BD461EE771BFFACAFF9963
                  SHA-512:289B584E0A300DF3A7F12E6494249FA439C08009DCF5F7D860D57154D53530A5EFEDF1C2E9627DF8BDAC8E88EB47317D345B5024871941E340A45228B3F0453B
                  Malicious:false
                  Reputation:unknown
                  URL:https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTM0LjAuNjk5OC4zNhIgCe_nGUvQ-ZB_EgUNanWXVxIFDXhvEhkhBVfMIcPd9Qk=?alt=proto
                  Preview:ChIKBw1qdZdXGgAKBw14bxIZGgA=
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:HTML document, ASCII text, with very long lines (1634), with no line terminators
                  Category:dropped
                  Size (bytes):1634
                  Entropy (8bit):4.8991905874235515
                  Encrypted:false
                  SSDEEP:
                  MD5:F250ADE20D00F85F303923F8A46E6B1B
                  SHA1:1C2FE6267A6601032FDBFDF98C8616F288C6C1C2
                  SHA-256:8B9CA399739DEBD7248914BE3F8ACADCEB9016A9E595D070572A2176D8FE9B59
                  SHA-512:07E519800E2AFAAB2977D89FF568C371C0B96D39ABF88E2B837F97BF3911011F475F85285809510549BCFAAA7EF0ED6739DE292DF0A8541BA3EFF0D93B65B363
                  Malicious:false
                  Reputation:unknown
                  Preview:<div class="col-md-4 header-left-placeholder"></div> <div class="col-md-4"> <div class="panel login-panel"> <div class="panel-heading bg-logo"> <div class="text-center p10"><div class="display-inline-block"> <img class="geo_resp_logo login_logo" ng-src="{{loginLogo}}"/> </div></div> </div> <div class="panel-body"> <div class="col-md-12 p20 p-sm-10"> <div class="text-center text-white"> <label class="well well-sm bg-trans-dark col-sm-12 col-xs-12" translate>MSG_loginMessage</label> </div> <form ng-submit="formCtrl.login()" class="login_form"> <div class="row"> <div class="col-md-12 col-sm-12 col-xs-12"> <div class="form-group"> <label class="control-label text-bold" translate>loginUserId</label> <span style="font-size:11px" translate>userIdIsCaseSensitive</span> <input type="text" class="form-control" name="j_username" autocomplete="off" ng-model="formCtrl.userName" tabindex="1"> <a ng-if="formCtrl.selfServeEnabled" href="" ng-click="formCtrl.recoverUserId()" translate>forgotMyUserId</a
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:PNG image data, 304 x 77, 8-bit/color RGBA, non-interlaced
                  Category:dropped
                  Size (bytes):5237
                  Entropy (8bit):7.902571736018458
                  Encrypted:false
                  SSDEEP:
                  MD5:620DCA78D965E8975614BA2ACD3574EC
                  SHA1:9C994ADFF8030E58F91AD23CF82EA8A76C9F8786
                  SHA-256:ACB334FC49115C27082D0D1A3043EF06D2F604FBB0D7AF16E03C938241344D1D
                  SHA-512:1CDC8EA646B52D25DAD7865209DA8414629DF5C21525915A11EF735C1095AA5723F2C72DE12E609ACFDC6AE36A756525AD53828E960A20EC662E3488B9F7CCD3
                  Malicious:false
                  Reputation:unknown
                  Preview:.PNG........IHDR...0...M.....!08X....sRGB.........gAMA......a.....pHYs...t...t..f.x....IDATx^._T.....^..RL.b..D..E.......((*.%VTPQ.E...P. .((R..............6V...9...;....L;..b...RX....ZX....ZX....ZX....ZX....ZX....ZX....ZX....ZX....ZX....ZX....ZX....Z<.`]]......f....::..l8.a........T...R....k.\n..T..Nwr_SBf..v#..rJ......>v....<.....V.<.B.V...i[i.......fL.tw.P..._...gc..6.?......E....:.X..f(.v.kmm..G.h......V....,.Y...H..V...}.{......z..1..Y..`.............A...".9...Z;d...x....:.7l=C_..F)2.4......s.rJ.d...x...X]]..].F_._...W.p..M.Jq.U2M.a<.[....F.. ...l...]H-.i2..9X..a,`.34p..-d.c..9....X..fh0$.l...).L"....p..9....ne..Nx......%*..d,`..W..%0..6....;t4.^.|m<................V..<.,.C...{.c....1T]....!)`.vFS]}..,.r.v..}......y.........yl..0..+5..i..};.9y..a.7s..cGAk.Y.+.l..../......M..u.s.v...S......{n<............. Ty........X..-.c...*|\N.=/.....1N......0)^E...........8..0s......Pvn.-..!........8..0s...!.JV.3.a..p.4U............R...t+).....W..\.k7.).^!.?....V.
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (65455)
                  Category:downloaded
                  Size (bytes):427575
                  Entropy (8bit):5.335613487647654
                  Encrypted:false
                  SSDEEP:
                  MD5:F2C93579B05BF229145ED8D40984CE81
                  SHA1:9D85D2075C3FB202BAF7AC4080E868C431FACE98
                  SHA-256:9AC666C592A4815308AFC99B3880986D45F787D0F95B9FBBD17BDE403917C73E
                  SHA-512:74AA1A434AF32BB954EFB5F70B0519C4522FF816AD6E94AFC332F5392DCC721C600ABF4A8A1AFB5A8D2B9882D041F0B2FA7334333FE0EE5E3106DB6DEBD8E694
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/angular-material.bundle.js?2025.03.20
                  Preview:/*! For license information please see angular-material.bundle.js.LICENSE.txt */.(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[9295],{90437:function(e,t,n){var o=n(74692);!function(e,t,n){"use strict";t.module("ngMaterial",["ng","ngAnimate","ngAria","material.core","material.core.animate","material.core.gestures","material.core.interaction","material.core.layout","material.core.meta","material.core.theming.palette","material.core.theming","material.components.autocomplete","material.components.backdrop","material.components.bottomSheet","material.components.button","material.components.card","material.components.checkbox","material.components.chips","material.components.colors","material.components.content","material.components.datepicker","material.components.dialog","material.components.divider","material.components.fabActions","material.components.fabShared","material.components.fabSpeedDial","material.components.fabToolbar","material.components.gridList","m
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text
                  Category:downloaded
                  Size (bytes):2675
                  Entropy (8bit):4.4305949962179145
                  Encrypted:false
                  SSDEEP:
                  MD5:482F8F17EF2F64CBCA51564AE8AF471F
                  SHA1:0515314656091A87F3F296FB836B52856350713C
                  SHA-256:EC3AFC636D688998008F9347CD766CBC3F67F51765210BB0F8C0C791DE5985C2
                  SHA-512:55045A40B44968CBF7FB97F7C1F2F0AB24AC470E9C514C0EB2BA328B8BFF877483C312FAEE1A5C8B231FB0D684C8C69D935863EF8D9D5DA7D71826E5B139A7C3
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/css/reportPrint.css?2025.03.20
                  Preview:.reportContainer {. border-width: 1px;. border-style: solid;. border-color: lightgray;. padding: 4px;. border-bottom-width: 2px;. border-top-width: 2px;. margin-bottom: 10px;. background:#fff;.}...reportPanel{. border-top: 7px solid red;. border-width: 1px;. border-style: solid;. border-color: lightgray;. padding: 4px;. padding-top: 6px;. border-bottom-width: 2px;. /* background:#fff url(../images/line-bg.png) top repeat-x; */. margin-bottom: 10px;.}...printHeader{. margin-bottom: 20px;.}...no-padding{. padding-left: 0px !important;. padding-right: 0px !important;.}...with-padding{. padding-left: 15px !important;. padding-right: 15px !important;.}..hr {. margin-top: 5px;. margin-bottom: 5px;.}....@media (max-width: 481px) {. [class*="col-"] {. padding-right: 15px !important;. padding-left: 15px !important;. }.}..@media screen{. .printOnly{. visibility: hidden;. }. .printLabel {.
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (16164), with no line terminators
                  Category:downloaded
                  Size (bytes):16164
                  Entropy (8bit):5.142324484871264
                  Encrypted:false
                  SSDEEP:
                  MD5:A126E35C11F47CFA81AF4BF62D5D77B2
                  SHA1:944038BBC97F55C6533876702CDF9A693761FC16
                  SHA-256:0A9509A1A5640AFD97CAB002F81B8CA5360F466172AAF29C3AD2BE073766C157
                  SHA-512:93A84FDFAB68F50CE388FB2A9B062C8FCA6086C728A4D09E4D2AED1D7AD992CF0EA3F2289CBAE29D78DB37B9AE5994650D4CDD16B8EB650C73BC7AD0373BD000
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/underscore.bundle.js?2025.03.20
                  Preview:(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[7831],{74125:function(n,r){var t;(function(){var e=this,u=e._,i=Array.prototype,o=Object.prototype,a=Function.prototype,c=i.push,f=i.slice,l=o.toString,s=o.hasOwnProperty,p=Array.isArray,h=Object.keys,v=a.bind,y=Object.create,d=function(){},g=function(n){return n instanceof g?n:this instanceof g?void(this._wrapped=n):new g(n)};n.exports&&(r=n.exports=g),r._=g,g.VERSION="1.8.3";var m=function(n,r,t){if(void 0===r)return n;switch(null==t?3:t){case 1:return function(t){return n.call(r,t)};case 2:return function(t,e){return n.call(r,t,e)};case 3:return function(t,e,u){return n.call(r,t,e,u)};case 4:return function(t,e,u,i){return n.call(r,t,e,u,i)}}return function(){return n.apply(r,arguments)}},b=function(n,r,t){return null==n?g.identity:g.isFunction(n)?m(n,r,t):g.isObject(n)?g.matcher(n):g.property(n)};g.iteratee=function(n,r){return b(n,r,1/0)};var w=function(n,r){return function(t){var e=arguments.length;if(e<2||nul
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:XML 1.0 document, Unicode text, UTF-8 text, with very long lines (65500), with no line terminators
                  Category:dropped
                  Size (bytes):958082
                  Entropy (8bit):5.058303902462834
                  Encrypted:false
                  SSDEEP:
                  MD5:4934BB78B4D6DABEFAE1613037519D75
                  SHA1:1631134AD62B552A3FDDADDE8EC9BDD994BD75F7
                  SHA-256:68204DC584DC0B28B268C01F0141E66320CC4039D23760A9C4A6D0B069F8E19F
                  SHA-512:7344D2498A960E552FB9A56F468CAC19F8D73D6F4DA222985E0621CF56DA88149D6A08DAA21F8CE01DB310F21B48184C995F146EAA6D7E2C417D3A50FD3C35CA
                  Malicious:false
                  Reputation:unknown
                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?><localeDictionaryView><localeId>en_US</localeId><dictionaryMap><entry><key>REM_TYPE.CLIENT.1000001549.Non_Trade</key><value>Non Trade</value></entry><entry><key>cancel</key><value>Cancel</value></entry><entry><key>ORDER_RECALLED</key><value>Recalled</value></entry><entry><key>rtdp_only</key><value>ONLY</value></entry><entry><key>opsDescription</key><value>The below listed criteria apply to all clients that are enabled for Refunds. If any refund criteria set is met, Refund Request will be initiated as a 'Wire Refund' instead of 'Refund to Source'.</value></entry><entry><key>customField5_RAKUTEN_ORDER_TWN</key><value>Taiwan</value></entry><entry><key>upload</key><value>Upload</value></entry><entry><key>REM_PURP.CLIENT.1000026521.Non_Trade.Travel_Related_Services</key><value>Travel Related Services</value></entry><entry><key>KPI_FAILED_LOGON</key><value>KPI Failed Login Report</value></entry><entry><key>CUSTOMER_remitterId</key><value
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (13614)
                  Category:downloaded
                  Size (bytes):13615
                  Entropy (8bit):4.897898911566565
                  Encrypted:false
                  SSDEEP:
                  MD5:0E6BA998104B91868B2A8D2375D340E7
                  SHA1:42AA16C2E9359E70BE92EB57651E9680DF1B84FE
                  SHA-256:36216A0843BE5D085FBF0124ED93E264541B2FCB07AC84F7213E60EC771009A3
                  SHA-512:C68D0786E4A864ED93C6442CAE05AD30B2F37570D8FB72BD7F110D5B03410358F1E75116B64E285602A885BA0F6FB1CC5F1326BA59D5868191EB204324BF0BCD
                  Malicious:false
                  Reputation:unknown
                  URL:https://cdn.datatables.net/1.10.11/css/jquery.dataTables.min.css
                  Preview:table.dataTable{width:100%;margin:0 auto;clear:both;border-collapse:separate;border-spacing:0}table.dataTable thead th,table.dataTable tfoot th{font-weight:bold}table.dataTable thead th,table.dataTable thead td{padding:10px 18px;border-bottom:1px solid #111}table.dataTable thead th:active,table.dataTable thead td:active{outline:none}table.dataTable tfoot th,table.dataTable tfoot td{padding:10px 18px 6px 18px;border-top:1px solid #111}table.dataTable thead .sorting,table.dataTable thead .sorting_asc,table.dataTable thead .sorting_desc{cursor:pointer;*cursor:hand}table.dataTable thead .sorting,table.dataTable thead .sorting_asc,table.dataTable thead .sorting_desc,table.dataTable thead .sorting_asc_disabled,table.dataTable thead .sorting_desc_disabled{background-repeat:no-repeat;background-position:center right}table.dataTable thead .sorting{background-image:url("../images/sort_both.png")}table.dataTable thead .sorting_asc{background-image:url("../images/sort_asc.png")}table.dataTable the
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:TrueType Font data, 20 tables, 1st "GDEF", 37 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
                  Category:downloaded
                  Size (bytes):394140
                  Entropy (8bit):5.806236883306442
                  Encrypted:false
                  SSDEEP:
                  MD5:52A37115B1D8D5D6AE0B0E373E692C9D
                  SHA1:B30F63A27BCDC61C2458D0DDFBBE738A01E39714
                  SHA-256:A4FE82B4BFD40C71320AB0F1DACA8BA2F230B55A56FFA94D5D1B349675B70D73
                  SHA-512:F0F1922ACAABB88DEBAE2DED6C0F4DE1467CE5271AC8B56236E51704F220E9AB4D992C31E49850DB58F9FF88E31D887B7D73E75CFA397B4F44974A659B30F1BB
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/imgs/3faa3eef13649db02044.ttf
                  Preview:...........@GDEF...J........GPOS.J.....x..."GSUB8 O.......*.HVARw.I........OS/2u.^-..b`...`STAT.......4....avar.......l...2cmapy....b.....fvar..y........~gasp............glyfc.Vq...L..3.gvar\..........head......D0...6hhea......b<...$hmtx>.Jv..Dh....loca..Y...5D....maxp......5$... name.u....m.....postn.....t...U*preph.....m........(...#........3.!.%!.!(...U.[.....DF.0................3.3.#.3.77!...E..E......T.......D...T............c.&....... ,..........c.&.......',............&.......\,......P...c.&.....&..,....',............&.......],............&.......^,............&......._,..........c.&.......%,..........c.&.......$,............&.......`,......P...c.&.....&..,....$,............&.......a,............&.......b,............&.......c,..........c.&.......1,..........K.&........,......P.....&........,..........c.&........,............&.......0,..........f.&.......2,..........6.&.......,,......+.....&.........z.............&.........,.............&.........,...........Y.&.......(,.....
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (65461)
                  Category:downloaded
                  Size (bytes):450931
                  Entropy (8bit):5.3075401808733185
                  Encrypted:false
                  SSDEEP:
                  MD5:16DD7825FEC26A10FCAD6692C791B643
                  SHA1:E5FCE30B672C50DC05742BE8B572AFE871FDA43D
                  SHA-256:53A960BBA2A68529EFE92803BD93C2688076AB0FFF45F7EAE410C32CC6DBA868
                  SHA-512:6C7DFE048DBD1A823DAF03F834F846B245182C0CD300EF15A21EAC2E8E2C5A809612E018FA22B5D1649366113AF7780CE76410270A0281116601F72859887FF3
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/common-ext.bundle.js?2025.03.20
                  Preview:/*! For license information please see common-ext.bundle.js.LICENSE.txt */.(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[5810],{36125:function(){"use strict";!function(){function e(e){if("function"==typeof e)e=!0;else if(e&&0!==e.length){var t="string"==typeof(n=""+e)?n.toLowerCase():n;e=!("f"==t||"0"==t||"false"==t||"no"==t||"n"==t||"[]"==t)}else e=!1;var n;return e}var t=angular.module("AngularPrint",[]);t.directive("printSection",(function(){return{restrict:"A",link:function(e,t){t[0].classList.add("printSection")}}})),t.directive("printThisSectionOnly",(function(){return{restrict:"A",link:function(e,t){t[0].classList.add("myDivToPrint")}}})),t.directive("printHide",(function(){return{restrict:"A",link:function(e,t){t[0].classList.add("printHide")}}})),t.directive("printRemove",(function(){return{restrict:"A",link:function(e,t){t[0].classList.add("printRemove")}}})),t.directive("printOnly",(function(){return{restrict:"A",link:{post:function(e,t){t[0].classLi
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (1804), with no line terminators
                  Category:downloaded
                  Size (bytes):1804
                  Entropy (8bit):4.817129696742725
                  Encrypted:false
                  SSDEEP:
                  MD5:1586491AB585747FABF696D8BAC90665
                  SHA1:8F17ACA06D847CB9074C9C1C01C8AF217B9EE6CD
                  SHA-256:25B86A2DC2874C974F0E8EB0F7BED5E7459E2CCC03180C935602CCCA7F93FC11
                  SHA-512:4D8F534A8E4FBF5F679C5BF52EA9A57B31A79175B19E59BA6C27ED39023037098ED44CA740F6AA5947104BEB6F8D0AE4C8E439833029E9663B68A5BBD11EEDD7
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/partial/2e2d6b2b1436edf549b2gpfi-status-message-directive.html?v=2025.03.20
                  Preview:<div class="status-msg" ng-if="gpfiMessage" ng-class="{'alert-msg': gpfiMessage.type == 'error'}"> <div class="container-fluid"> <span class="gpfiCloseButton" ng-click="close()" aria-hidden="true">&times;</span> <div class="col-md-12 col-sm-12 col-xs-12"> <div class="col-md-3 col-sm-12 col-xs-12 text-left"> <small ng-if="gpfiMessage.type != 'error'" translate>{{gpfiMessage.title}}</small> <small ng-if="gpfiMessage.type == 'error'" translate>note</small> <div class="statusMsgHolder"> <p ng-if="gpfiMessage.type == 'success'" class="lead" ng-class="{'tick-msg': gpfiMessage.type == 'success'}"> <span class="text-success">Success</span> </p> <p ng-if="gpfiMessage.type == 'alert'" class="lead"> <span class="glyphicon glyphicon-alert" aria-hidden="true"></span> </p> <p class="text-danger lead" ng-if="gpfiMessage.type == 'error'"> <span class="glyphicon glyphicon-remove" aria-hidden="true"></span> Error </p> </div> </div> <div class="col-md-9 col-sm-11 col-xs-12 text-left"> <div> <small transl
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (39841), with no line terminators
                  Category:downloaded
                  Size (bytes):39841
                  Entropy (8bit):5.14136562114855
                  Encrypted:false
                  SSDEEP:
                  MD5:FB312DA28C4110FD5A658BF20F39425A
                  SHA1:DA60D8467214C69A926C9817A89AA0A0B1AFE3F3
                  SHA-256:1702782A8B7C55065838927E7A0B3A0F58DE9DF0EEF9898344013B37EDF40618
                  SHA-512:DBB213D3B1524962967E2F943BA9DF9F139A891A1A5E4140628B04A51A03FEDAEA6E38C4AB6818BF6563B9B219F13FDBA0CF4C1DD9071F65443BC8188EA6389C
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/bootstrap.bundle.js?2025.03.20
                  Preview:(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[7547],{62125:function(t,e,i){i(84234),i(35303),i(78045),i(34355),i(27694),i(14912),i(95296),i(9898),i(4856),i(22208),i(69954),i(46159)},46159:function(t,e,i){!function(t){"use strict";var e=function(i,n){this.options=t.extend({},e.DEFAULTS,n);var o=this.options.target===e.DEFAULTS.target?t(this.options.target):t(document).find(this.options.target);this.$target=o.on("scroll.bs.affix.data-api",t.proxy(this.checkPosition,this)).on("click.bs.affix.data-api",t.proxy(this.checkPositionWithEventLoop,this)),this.$element=t(i),this.affixed=null,this.unpin=null,this.pinnedOffset=null,this.checkPosition()};function i(i){return this.each((function(){var n=t(this),o=n.data("bs.affix"),s="object"==typeof i&&i;o||n.data("bs.affix",o=new e(this,s)),"string"==typeof i&&o[i]()}))}e.VERSION="3.4.1",e.RESET="affix affix-top affix-bottom",e.DEFAULTS={offset:0,target:window},e.prototype.getState=function(t,e,i,n){var o=this.$target.scrol
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (1127), with no line terminators
                  Category:downloaded
                  Size (bytes):1127
                  Entropy (8bit):5.376122430178363
                  Encrypted:false
                  SSDEEP:
                  MD5:ACCB9C3D0FF17CFFE69E63368C97606D
                  SHA1:537E26160ECF3CB2D56C0407927517593C1358AA
                  SHA-256:42DC9365FA51124858E4950BEF32C137878D46E491D497974408DFD0F1005CF3
                  SHA-512:342502A68ED304ABBA51197A10ED255DF9E7625C59F301C68D2CD0E7866247A30F72317FDA33294114FFE9D0F6711085FA1003D79585072FF8881C02504A0A81
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-loginFormCtrl.bundle.js?e28e7cecfc463b414619
                  Preview:(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[4519],{6083:function(e,o,s){var r,n;r=[s(7025),s(95778)],void 0===(n=function(e,o){o.lazy.controller("loginFormCtrl",["$scope","gpfiMessage","$resource","$http","$q","$rootScope","$cookies",function(e,o,s,r,n,a,t){var p=this;p.userName="",p.password="",p.selfServeEnabled="true"===configParameters.selfServeEnabled;var c=s(GPFI_CONTEXT+"/"+LOGIN_URI,null,{request:{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"}}});p.login=function(){o.remove("login"),t.remove("geo-logout",{path:"/",expires:"Thu, 01 Jan 1970 00:00:01 GMT",secure:!0}),p.userName||p.password?(c.request("j_username="+encodeURIComponent(p.userName)+"&j_password="+encodeURIComponent(p.password)).$promise.then((function(o){e.handleLoginResponse(o,[],!0)}),(function(o){if(null!=o){var s=o.headers();e.handleLoginResponse({},s)}})),p.userName="",p.password=""):e.setLoginErrorMessage("MSG_emptyLoginIdAndPassword")},p.recoverUserId=func
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:JSON data
                  Category:downloaded
                  Size (bytes):352345
                  Entropy (8bit):5.229541550971481
                  Encrypted:false
                  SSDEEP:
                  MD5:A056E002F25FE646F482CE44558E1D8C
                  SHA1:C31704B4100D465FDF8E56688EF3AFC392842D23
                  SHA-256:B1D8C80F7C84A5252E70BC91B3285062BFD3B788545F65166D1BAF50D8A7BB58
                  SHA-512:78524FEA3BC2E22821CCB4B2933DFA87CE42FDF70149F281E3B4C8D7ABF0BDF49A5C269788D2D3B2979A20A7A0D77D588EAE112B7CE5AAD3AD12C8C19DD14C43
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/services/internationalisation/messages/en_US
                  Preview:{"localeId":"en_US","dictionaryMap":{"fxOrBaseAmountRequired":"At least one of the FX or base amount is mandatory.","overrideFormErrors":"Our account verification process indicates your entered data might be incorrect. Please review and correct any errors. If the details are correct, select \"Ignore Errors\" to continue. Ignoring errors may cause your payment to be delayed for manual review.","BENE_ERR_MWI_MWK_MANUAL_ENTRY_BANK_CITY":"Please enter the City for the Bank of the Beneficiary.","AUDIT_CHANGE_OWN_PASSWORD_User":"User has changed own password.","draftToBeneficiaryChangeWarningMessage":"The change may update client and child client's 'Draft to Beneficiary' setting.","BENE_ERR_LTU_LTL_BANK_ROUTING_CODE":"Please do not enter any special characters including spaces, dashes in the routing code field (length 5).","uploadedFileStatus_PARSED":"The upload file has been validated and is under review by the user.","dropChequeFrontFile":"Drag & drop or click to upload cheque front","view
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (65464)
                  Category:downloaded
                  Size (bytes):284734
                  Entropy (8bit):5.266832084337123
                  Encrypted:false
                  SSDEEP:
                  MD5:E42047A78FDAEB43E509F442FCA789B8
                  SHA1:9C69248CB600A315E3466AB28E6F6B51B5C1E145
                  SHA-256:40FAAB022D9478FC216DB1C2C0A01CC5379D6434AEF503CCE48C6FFA8D975E52
                  SHA-512:90496FC380FB71C2E6114737C1D74FA58EE96D3A9059EA4786C7C3D9AE966D641C306F0A434B67F4B273FDD5E11676DFF3CBCFF8B9C7E01BB46E46C10AC76A54
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/angular.bundle.js?2025.03.20
                  Preview:/*! For license information please see angular.bundle.js.LICENSE.txt */.(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[699],{97967:function(){!function(t,e){"use strict";var n,r,i,a,o="-add",s="-remove",u="ng-animate",l="$$ngAnimateChildren";void 0===t.ontransitionend&&void 0!==t.onwebkittransitionend?(n="WebkitTransition",r="webkitTransitionEnd transitionend"):(n="transition",r="transitionend"),void 0===t.onanimationend&&void 0!==t.onwebkitanimationend?(i="WebkitAnimation",a="webkitAnimationEnd animationend"):(i="animation",a="animationend");var c="Duration",f="Property",p="Delay",h="TimingFunction",d=i+p,$=i+c,v=n+p,m=n+c,g=e.$$minErr("ng");function y(t,e,n){if(!t)throw g("areq","Argument '{0}' is {1}",e||"?",n||"required");return t}function b(t,e){return t||e?t?e?(G(t)&&(t=t.join(" ")),G(e)&&(e=e.join(" ")),t+" "+e):t:e:""}function w(t,e,n){var r="";return t=G(t)?t:t&&X(t)&&t.length?t.split(/\s+/):[],K(t,(function(t,i){t&&t.length>0&&(r+=i>0?" ":"",r+=n?e+t:t
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (3868), with no line terminators
                  Category:downloaded
                  Size (bytes):3868
                  Entropy (8bit):5.2584895255443955
                  Encrypted:false
                  SSDEEP:
                  MD5:C8A77E444BCD89D72C84EDA740A4B88B
                  SHA1:DF9A03DDC11EF53883FC65731FD8CA1318264323
                  SHA-256:D4304951EE3467FB8700367578B975AD1BBBC646D5FD61A11C34D6530A172004
                  SHA-512:4472F7BF41955FF105E503E7E23312446301FEC3F8F24BE4365B2327E2D240DD6F4FF14246318D38EF332C4A343474E58857ED709071B8DC127DB729061E9C0B
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/lazy/auth-controllers-userRecoveryCtrl.bundle.js?9f38f50da808ab558cfd
                  Preview:(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[9124,4666],{22220:function(e,r,s){var o,t;o=[s(7025),s(95778),s(12390)],void 0===(t=function(e,r){r.lazy.controller("userRecoveryCtrl",["$scope","$stateParams","$filter","UserRecoveryClientService","gpfiMessage","AuthState",function(e,r,s,o,t,i){var n=this;function u(r){var o;r.validationResult.success?n.displaySecurityQuestion(r):(r.validationResult.errors.filter((function(e){return"USER_RECOVERY_NON_UNIQUE_USER_ERROR"==e.errorCode}))?((o=[]).push(s("translate")("MSG_userRecoveryUsernameFailureLine1")),o.push(s("translate")("MSG_userRecoveryUsernameFailureLine2")),t.set("login",{title:"",type:"error",messages:o})):c(),e.showLoginPanel())}function c(){var e=[];e.push(s("translate")("MSG_userRecoveryFailureLine1")),e.push(s("translate")("MSG_userRecoveryFailureLine2")),t.set("login",{title:"",type:"error",messages:e})}n.passwordResetLogo=GPFI_CONTEXT+"/theme/images/"+WL_VERSION+"/password-reset-logo.png",t.remove("lo
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:ASCII text, with very long lines (1572)
                  Category:downloaded
                  Size (bytes):11588
                  Entropy (8bit):5.320737539461852
                  Encrypted:false
                  SSDEEP:
                  MD5:3F3862773BE13F3EE6869FC6CC4EE7FB
                  SHA1:5B13D8BC71FDC9BB468CA127934F7B8A0BF29EA3
                  SHA-256:0480D6908CFDA1B5D4F2101437F703583EFDB9539BFC49EC41BCB4A3697DF8C5
                  SHA-512:FF7396A742E2DB36EB639AF3403BD043E805455D9AB31482758808AACF7AEF285A6A0781FB09F322BF22C3FA6E4378820BC4AD2200D9AB89D420FDD47A2553A3
                  Malicious:false
                  Reputation:unknown
                  URL:"https://fonts.googleapis.com/css?family=Open+Sans:400,600"
                  Preview:/* cyrillic-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSKmu1aB.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Open Sans';. font-style: normal;. font-weight: 400;. font-stretch: 100%;. src: url(https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSOmu1aB.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Open Sans';. font-style: normal;
                  Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                  File Type:Unicode text, UTF-8 text, with very long lines (56982)
                  Category:downloaded
                  Size (bytes):297921
                  Entropy (8bit):6.2495271619099935
                  Encrypted:false
                  SSDEEP:
                  MD5:B6FC5174062F379A9C1F6F1460EBFDA6
                  SHA1:09C491E86CF23515E72EAD18BEA0FD20C9E38813
                  SHA-256:233074C10BAC670D2C47D85E99FB6B6A02BB95D0727D58CA373D8669CF2094D7
                  SHA-512:F1032D9BE5BC9FD6CF0C65EB1FBDA779B01249BC09807DEA7F4152CB727C42F60AD6D060D74134A4807C523EEC435679C3EBFF4CD2983B613DF89A44C81D483B
                  Malicious:false
                  Reputation:unknown
                  URL:https://www.central1.internationalpayments.com/geo/ng/dist/moment.bundle.js?2025.03.20
                  Preview:/*! For license information please see moment.bundle.js.LICENSE.txt */.(self.webpackChunkwebpackTest=self.webpackChunkwebpackTest||[]).push([[9911],{25177:function(e,a,t){!function(e){"use strict";e.defineLocale("af",{months:"Januarie_Februarie_Maart_April_Mei_Junie_Julie_Augustus_September_Oktober_November_Desember".split("_"),monthsShort:"Jan_Feb_Mrt_Apr_Mei_Jun_Jul_Aug_Sep_Okt_Nov_Des".split("_"),weekdays:"Sondag_Maandag_Dinsdag_Woensdag_Donderdag_Vrydag_Saterdag".split("_"),weekdaysShort:"Son_Maa_Din_Woe_Don_Vry_Sat".split("_"),weekdaysMin:"So_Ma_Di_Wo_Do_Vr_Sa".split("_"),meridiemParse:/vm|nm/i,isPM:function(e){return/^nm$/i.test(e)},meridiem:function(e,a,t){return e<12?t?"vm":"VM":t?"nm":"NM"},longDateFormat:{LT:"HH:mm",LTS:"HH:mm:ss",L:"DD/MM/YYYY",LL:"D MMMM YYYY",LLL:"D MMMM YYYY HH:mm",LLLL:"dddd, D MMMM YYYY HH:mm"},calendar:{sameDay:"[Vandag om] LT",nextDay:"[M.re om] LT",nextWeek:"dddd [om] LT",lastDay:"[Gister om] LT",lastWeek:"[Laas] dddd [om] LT",sameElse:"L"},relative
                  No static file info