Windows Analysis Report
https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC4YNl8SgVmFqvpumkhlW1dclTJXsA-2F-2Ff7YgccTrLpBOaqe5F4BFCpk26UqRyhBoWKMiBIlA9IyESRgA9QJQmRqgb6HSe3vdUDFbWqU7fvHjWkz5WXnc8fDT6OC7qZ9utOxT-2FNCb37p3l01J5uCoo1HVdPyUtoL-2B-2B0SRCFvnKnnkl2cgDoMMkH8qipQH3xK8ozGp

Overview

General Information

Sample URL: https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC4YNl8SgVmFqvpumkhlW1dclTJXsA-2F-2Ff7YgccTrLpBOaqe5F4BFCpk26UqRyhBoWKMiBIlA9IyESRgA9QJQmRqgb6HSe3vdUDFbWq
Analysis ID: 1501223

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Detected suspicious crossdomain redirect

Classification

Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exe HTTP traffic: Redirect from: u14209785.ct.sendgrid.net to https://patientportal.advancedmd.com/154537/billing?token=ys9ithzadjjxcehxtghta3rteda1m0xpzvm2l3vlbzjubhruajriredibkzsmm96bjrhewvwv1pmbms3cvjwmlavy1pivvvoqnuvaxi3t2nxm09ovjfib25qtwnhqjhkbfnsz2s3njjmdwjhb3gzdtkraitzvgtlk3b4uwtste1goejhzwnyofarwkjmyjirz3nptuzfcwk1bmc0efr5dfh0ete5bkzkmmgzwwrpnenrtlrbulltrutqbffwsmjy
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown TCP traffic detected without corresponding DNS query: 2.19.126.137
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /api/pbportal/ResponsibleParties/anonymous?token=YS9iTHZadjJXcEhXTGhta3RteDA1M0xpZVM2L3VlbzJUbHRuajRIREdIbkZsMm96bjRheWVwV1pmbms3cVJwMlAvY1pIVVVoQnUvaXI3T2NxM09OVjFIb25qTWNHQjhKbFNSZ2s3NjJmdWJhb3gzdTkraitzVGtlK3B4UWtSTE1GOEJhZWNYOFArWkJmYjIrZ3NpTUZFcWk1bmc0eFR5dFh0eTE5bkZKMmgzWWRPNENRTlRBUlltRUtQbFFWSmJY&officeKey=154537 HTTP/1.1Host: pp-wfe-100.advancedmd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/configuration/settings?officeKey=154537 HTTP/1.1Host: pp-wfe-100.advancedmd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/pbportal/ResponsibleParties/anonymousVisitTrack?token=YS9iTHZadjJXcEhXTGhta3RteDA1M0xpZVM2L3VlbzJUbHRuajRIREdIbkZsMm96bjRheWVwV1pmbms3cVJwMlAvY1pIVVVoQnUvaXI3T2NxM09OVjFIb25qTWNHQjhKbFNSZ2s3NjJmdWJhb3gzdTkraitzVGtlK3B4UWtSTE1GOEJhZWNYOFArWkJmYjIrZ3NpTUZFcWk1bmc0eFR5dFh0eTE5bkZKMmgzWWRPNENRTlRBUlltRUtQbFFWSmJY&officeKey=154537 HTTP/1.1Host: pp-wfe-100.advancedmd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /api/pbportal/AccountBalances/1360565/anonymous?token=YS9iTHZadjJXcEhXTGhta3RteDA1M0xpZVM2L3VlbzJUbHRuajRIREdIbkZsMm96bjRheWVwV1pmbms3cVJwMlAvY1pIVVVoQnUvaXI3T2NxM09OVjFIb25qTWNHQjhKbFNSZ2s3NjJmdWJhb3gzdTkraitzVGtlK3B4UWtSTE1GOEJhZWNYOFArWkJmYjIrZ3NpTUZFcWk1bmc0eFR5dFh0eTE5bkZKMmgzWWRPNENRTlRBUlltRUtQbFFWSmJY&officeKey=154537 HTTP/1.1Host: pp-wfe-100.advancedmd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: chromecache_76.2.dr, chromecache_78.2.dr String found in binary or memory: inline:{css:1},disableRealtimeCallback:!1,drive_share:{skipInitCommand:!0},csi:{rate:.01},client:{cors:!1},signInDeprecation:{rate:0},include_granted_scopes:!0,llang:"en",iframes:{youtube:{params:{location:["search","hash"]},url:":socialhost:/:session_prefix:_/widget/render/youtube?usegapi=1",methods:["scroll","openwindow"]},ytsubscribe:{url:"https://www.youtube.com/subscribe_embed?usegapi=1"},plus_circle:{params:{url:""},url:":socialhost:/:session_prefix::se:_/widget/plus/circle?usegapi=1"}, equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: u14209785.ct.sendgrid.net
Source: global traffic DNS traffic detected: DNS query: patientportal.advancedmd.com
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: pp-wfe-100.advancedmd.com
Source: global traffic DNS traffic detected: DNS query: apis.google.com
Source: global traffic DNS traffic detected: DNS query: api2.heartlandportico.com
Source: global traffic DNS traffic detected: DNS query: amds-material-dev.advancedmd.com
Source: unknown HTTP traffic detected: POST /api/pbportal/ResponsibleParties/anonymousVisitTrack?token=YS9iTHZadjJXcEhXTGhta3RteDA1M0xpZVM2L3VlbzJUbHRuajRIREdIbkZsMm96bjRheWVwV1pmbms3cVJwMlAvY1pIVVVoQnUvaXI3T2NxM09OVjFIb25qTWNHQjhKbFNSZ2s3NjJmdWJhb3gzdTkraitzVGtlK3B4UWtSTE1GOEJhZWNYOFArWkJmYjIrZ3NpTUZFcWk1bmc0eFR5dFh0eTE5bkZKMmgzWWRPNENRTlRBUlltRUtQbFFWSmJY&officeKey=154537 HTTP/1.1Host: pp-wfe-100.advancedmd.comConnection: keep-aliveContent-Length: 2sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/plain, */*Content-Type: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://pp-wfe-100.advancedmd.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://pp-wfe-100.advancedmd.com/154537/billing?token=YS9iTHZadjJXcEhXTGhta3RteDA1M0xpZVM2L3VlbzJUbHRuajRIREdIbkZsMm96bjRheWVwV1pmbms3cVJwMlAvY1pIVVVoQnUvaXI3T2NxM09OVjFIb25qTWNHQjhKbFNSZ2s3NjJmdWJhb3gzdTkraitzVGtlK3B4UWtSTE1GOEJhZWNYOFArWkJmYjIrZ3NpTUZFcWk1bmc0eFR5dFh0eTE5bkZKMmgzWWRPNENRTlRBUlltRUtQbFFWSmJYAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: classification engine Classification label: clean0.win@17/47@20/12
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1988,i,16457401036646260543,1716617626027759870,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://u14209785.ct.sendgrid.net/ls/click?upn=u001.7INBLi-2BpMtquNhvHXoCTQDs4I8fdKE9GOHSvdTryAC4YNl8SgVmFqvpumkhlW1dclTJXsA-2F-2Ff7YgccTrLpBOaqe5F4BFCpk26UqRyhBoWKMiBIlA9IyESRgA9QJQmRqgb6HSe3vdUDFbWqU7fvHjWkz5WXnc8fDT6OC7qZ9utOxT-2FNCb37p3l01J5uCoo1HVdPyUtoL-2B-2B0SRCFvnKnnkl2cgDoMMkH8qipQH3xK8ozGpjDHL3flhrDXeVFBaHdl4LGJSUVrJc6M9o8i4SglGpFFn9dfE-2FtsTsuo-2B0mBHeOBcych8ZiKvWhJHmO05ohuREBDztuIr0vCJ6wXPVKNBfY5nqFOvk301XXCcEdvSWqyKbqa4r-2Bl0xucu-2BJzNFNlEvPKUJOu-2FvCjaQwYmYUZnM4wPF1XHaZjT2Db0meexDY-2FrQSpSHdisr5xxV37BPWlKvG78_7C4orIQZnafKjRVbYSRH-2BiiFCrE5Suj9DoCT3YmaBp6xHEmvfjIu7sBs4SH0sA27JDQ7qwm8ew7IdBy9KU-2BhwjcjUNabpKHazU46qeBwOPS2rGdblkSAs4tI4mIJBoJaiovHThgFHT-2BzOz3B13IChJXGPRwu2d1LCnzIQZ9DC-2FICZGiTyFvOxCkRk8teH-2BhRaM1ZbaA36D95IIm5AIM7CQ6DJUiWcnjTC-2FBfU4u86HmnC0pZ5g4whjWxIg0Z8XFXA1GNfVQb55rNpxhqeRQRStA5VIpdV5gQtTpDKZVSu4Yb2b3EaLjjBqgpZ5ZFWTUK"
Source: Window Recorder Window detected: More than 3 window changes detected