Windows Analysis Report
https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01

Overview

General Information

Sample URL:	https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01
Analysis ID:	1520358
Infos:

Detection

HTMLPhisher

Score:	84
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Antivirus detection for URL or domain

Suricata IDS alerts for network traffic

Yara detected HtmlPhish54

Phishing site detected (based on favicon image match)

Phishing site detected (based on image similarity)

Phishing site detected (based on logo match)

Detected hidden input values containing email addresses (often used in phishing pages)

Detected suspicious crossdomain redirect

Found iframes

HTML body contains low number of good links

HTML page contains hidden javascript code

HTML title does not match URL

Classification

Signatures

AV Detection

Antivirus detection for URL or domain

Source: https://adobesign.dcateam.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=2101&client-request-id=ff6956b6-29fa-401b-8d05-526c61a9442d&hpgrequestid=987796c6-9c4e-44a5-905b-584683aa0b00	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://l1ve.dcateam.com/Me.htm?v=3	Avira URL Cloud: Label: malware
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/4e5d42dfbe6c47edb237a2ec04853e46/	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/common/instrumentation/dssostatus	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	LLM: Score: 9 Reasons: The brand 'Adobe' is well-known and commonly associated with the domain 'adobe.com'., The URL 'adobesign.dcateam.com' does not match the legitimate domain 'adobe.com'., The presence of 'dcateam.com' as the main domain is suspicious and not associated with Adobe., The use of subdomain 'adobesign' could be an attempt to mimic a legitimate Adobe service., The input fields for 'Sign in with Google', 'Sign in with Apple', 'Phone', 'email', and 'username' are common targets for phishing attempts. DOM: 5.8.pages.csv
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	LLM: Score: 9 Reasons: The brand 'Adobe' is well-known and commonly associated with the domain 'adobe.com'., The URL 'adobesign.dcateam.com' does not match the legitimate domain 'adobe.com'., The presence of 'dcateam.com' as the main domain is suspicious and not associated with Adobe., The use of subdomains like 'adobesign' can be a tactic to mislead users into thinking the site is legitimate., The input fields for 'Sign in with Google', 'Sign in with Apple', 'Phone', 'email', and 'username' are common in phishing sites to capture sensitive information. DOM: 5.10.pages.csv
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known brand., The URL '1f0e1fe2-4e5d42df.dcateam.com' does not match the legitimate domain 'microsoft.com'., The URL contains suspicious elements such as a random string and an unrelated domain 'dcateam.com'., The presence of input fields asking for 'Email or Username' is common in phishing attempts targeting Microsoft accounts. DOM: 11.12.pages.csv
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known brand., The URL '1f0e1fe2-4e5d42df.dcateam.com' does not match the legitimate domain 'microsoft.com'., The domain 'dcateam.com' is not associated with Microsoft., The presence of a subdomain '1f0e1fe2-4e5d42df' is unusual and suspicious., The URL structure and domain name do not align with Microsoft's typical URL patterns. DOM: 11.11.pages.csv

Yara detected HtmlPhish54

Source: Yara match	File source: 2.7.id.script.csv, type: HTML
Source: Yara match	File source: 5.14.id.script.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML
Source: Yara match	File source: 5.7.pages.csv, type: HTML
Source: Yara match	File source: 5.5.pages.csv, type: HTML
Source: Yara match	File source: 5.9.pages.csv, type: HTML
Source: Yara match	File source: 5.10.pages.csv, type: HTML

Phishing site detected (based on favicon image match)

Source: https://dcateam.com	Matcher: Template: microsoft matched with high similarity
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	Matcher: Template: microsoft matched with high similarity

Phishing site detected (based on image similarity)

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Matcher: Template: microsoft matched

Detected hidden input values containing email addresses (often used in phishing pages)

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=

HTTP Parser: robin.wicht@gerhardtbraun.com

Found iframes

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx

HTML body contains low number of good links

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Number of links: 0
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01

HTTP Parser: Base64 decoded: 1727420731.000000

HTML title does not match URL

Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10

HTTP Parser: Title: Microsoft Online Password Reset does not match URL

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=

HTTP Parser: <input type="password" .../> found

Source: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=#/	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 143.110.153.1:443 -> 192.168.2.4:49750

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: sothebys.us.com to https://adobesign.dcateam.com/?amp=cm9iaw4ud2ljahraz2vyagfyzhricmf1bi5jb20=#/

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01 HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01 HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; zEnEuj91S7R0AJxSrRV_wCsAUQA=1727420731; S-f7HVeKw3jZHc7j-xrPP51lHEE=1727507131; ZDbk1gXpcq4Sa0Y9D2ZondlRw74=ddeVUrWg4K0z9D9rVjM4_Oo0L9I
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y
Source: global traffic	HTTP traffic detected: GET /?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20= HTTP/1.1Host: adobesign.dcateam.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://sothebys.us.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; zEnEuj91S7R0AJxSrRV_wCsAUQA=1727420731; S-f7HVeKw3jZHc7j-xrPP51lHEE=1727507131; ZDbk1gXpcq4Sa0Y9D2ZondlRw74=ddeVUrWg4K0z9D9rVjM4_Oo0L9I
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1Host: sothebys.us.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; zEnEuj91S7R0AJxSrRV_wCsAUQA=1727420731; S-f7HVeKw3jZHc7j-xrPP51lHEE=1727507131; ZDbk1gXpcq4Sa0Y9D2ZondlRw74=ddeVUrWg4K0z9D9rVjM4_Oo0L9I
Source: global traffic	HTTP traffic detected: GET /?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20= HTTP/1.1Host: adobesign.dcateam.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="Sec-WebSocket-Key: BK7cgLnhOMl+72vZJujZww==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true HTTP/1.1Host: adobesign.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: adobesign.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: l1ve.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1Sec-WebSocket-Key: O834Uy+T8XhGHYHcS9oPPg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: 4b8136b0-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: 4nw7/LxYBR7aP0GWOgGl+w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /gerhardtbraun.com/winauth/ssoprobe?client-request-id=b44ac550-9d30-4269-b060-549621628c56&_=1727420763655 HTTP/1.1Host: 03fe54c2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: wVHOkK9KB569Pe9Zci0xYg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /common/instrumentation/dssostatus HTTP/1.1Host: adobesign.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/illustration?ts=637944331833970061 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/arrow_left_43280e0ba671a1d8b5e34f1931c4fe4b.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/bannerlogo?ts=637944331842360917 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/arrow_left_43280e0ba671a1d8b5e34f1931c4fe4b.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/bannerlogo?ts=637944331842360917 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/illustration?ts=637944331833970061 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: k+vuWlQhA+kUSVOgsJKvog==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: JZCM5nSMkDeS9otzyUrcWA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Common.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1Host: ca0bbba6-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /css/Style.css?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /css/ltrStyle.css?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Webtrends.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Images/hipaudioplay.png?vv=100 HTTP/1.1Host: 28e58987-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=PZp-UguzV3eiIgC9jthUzRVid1Zp7Yrh6GnWr6UFT7HZeGKMaINHyYeiOoYl901XG1SgokATq5Nqn3NEpiSXniqMwkj7V_kjzBmM_w8PfSJW9srpOcEZZbp1FPwrN8XzdR0AFY0bHhANU64v3ZJk5Q2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Button.js?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: 4/yluPgr/ctTJPA9aEfagw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=VOVMn-1ji7ptewpNKKe04Ptic_v4sQOkJoNbFSKTCgnJsUDWSYIRw2xt1tvPsTxUYZhIRTaUX9U_dbj8uphXZ0fSg0RHKflqXhImoGV7W_at39wE7F7NNSnjODDdnBpjRydn5povagbPAE8o6JMPhrtPc-X0tGWW1sDlhdiAl_QNQ2pOijcJ10WZjkyvuUaxYB0v6dTbanr2kY0nL-clTw2&t=ffffffffedc3492c HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Common.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=QLrP6mIJ7ueSGHO76v9yfTImQUOtYCoOjHacorzH5TLKOrh9q9RxJn4yT2gwt-5hCto2xKcJLNcreE4qet4Lh8rEpzV0U1CdXTgP1HQS6sdYdfc3vDJz_AHQWhudWnHugQouXXFhySP7eLg7L_3MN7WQWeyz2NjjwVkoZ_qPHIuVWaKEoOm3CQ7ncbyZM4_YTXDCK8GCLjftpLcukJlboowfkGtZtJ8Ej00GYvDVARg1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Images/hipaudioplay.png?vv=100 HTTP/1.1Host: 28e58987-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=T0dtiwsjKq8gW-fIsAHJyvGnpZPh0iXezm0u3NfytbZ6-6TsiMM-tLKg1veJyjBNY_R3eWGKT7hbAEM4dL48sjZhOiEgfu5nu9KBaaEColWX9lEPD8FaiJMJS9w3E0b_PCJJB-U0Q-uXF00jBspnQFP7Izh7xg73UEYI_OsFKGUjtvZWehapPNjhxxovc4Gqlv_ui3xC40LE2RSikyfhYXQGc5YVZsDGR9yE_8mcw2o1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Button.js?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=YNhUFlNXinz8LgHwbL24RQH-ZbXxyvcr7OOnguhxng8ZuiFTPNJ9QXh8dtoptfX3BeFWG9A9Hk63eLbtbIxk0HvJhkP2FoYJavizwe94hutTawufYPfHJsHAawGlkTxEe6yX2kZBiYdQxI60gLHN2g2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=PZp-UguzV3eiIgC9jthUzRVid1Zp7Yrh6GnWr6UFT7HZeGKMaINHyYeiOoYl901XG1SgokATq5Nqn3NEpiSXniqMwkj7V_kjzBmM_w8PfSJW9srpOcEZZbp1FPwrN8XzdR0AFY0bHhANU64v3ZJk5Q2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1Host: ca0bbba6-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/wait_animation.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Webtrends.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=VOVMn-1ji7ptewpNKKe04Ptic_v4sQOkJoNbFSKTCgnJsUDWSYIRw2xt1tvPsTxUYZhIRTaUX9U_dbj8uphXZ0fSg0RHKflqXhImoGV7W_at39wE7F7NNSnjODDdnBpjRydn5povagbPAE8o6JMPhrtPc-X0tGWW1sDlhdiAl_QNQ2pOijcJ10WZjkyvuUaxYB0v6dTbanr2kY0nL-clTw2&t=ffffffffedc3492c HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_speaker.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_text.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_reload.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/footer_logo_grey_bg.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=T0dtiwsjKq8gW-fIsAHJyvGnpZPh0iXezm0u3NfytbZ6-6TsiMM-tLKg1veJyjBNY_R3eWGKT7hbAEM4dL48sjZhOiEgfu5nu9KBaaEColWX9lEPD8FaiJMJS9w3E0b_PCJJB-U0Q-uXF00jBspnQFP7Izh7xg73UEYI_OsFKGUjtvZWehapPNjhxxovc4Gqlv_ui3xC40LE2RSikyfhYXQGc5YVZsDGR9yE_8mcw2o1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=YNhUFlNXinz8LgHwbL24RQH-ZbXxyvcr7OOnguhxng8ZuiFTPNJ9QXh8dtoptfX3BeFWG9A9Hk63eLbtbIxk0HvJhkP2FoYJavizwe94hutTawufYPfHJsHAawGlkTxEe6yX2kZBiYdQxI60gLHN2g2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=QLrP6mIJ7ueSGHO76v9yfTImQUOtYCoOjHacorzH5TLKOrh9q9RxJn4yT2gwt-5hCto2xKcJLNcreE4qet4Lh8rEpzV0U1CdXTgP1HQS6sdYdfc3vDJz_AHQWhudWnHugQouXXFhySP7eLg7L_3MN7WQWeyz2NjjwVkoZ_qPHIuVWaKEoOm3CQ7ncbyZM4_YTXDCK8GCLjftpLcukJlboowfkGtZtJ8Ej00GYvDVARg1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/wait_animation.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_speaker.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_Microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_text.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Default.aspx/GetCaptchaChallenge HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_reload.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/footer_logo_grey_bg.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_Microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; brcap=0Sec-WebSocket-Key: hENaFnLpPPVT4rEBWOB/7Q==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: global traffic	DNS traffic detected: DNS query: sothebys.us.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: adobesign.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: df977804-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 179eef38-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: l1ve.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 4b8136b0-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 03fe54c2-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 7a4e0ce6-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 2c1fa62b-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 1f0e1fe2-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: ca0bbba6-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 28e58987-4e5d42df.dcateam.com

Source: unknown

HTTP traffic detected: POST /4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01 HTTP/1.1Host: sothebys.us.comConnection: keep-aliveContent-Length: 22sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"InCYOsRyGtg7pOtfBseSx0TDQ: 46332950X-Requested-TimeStamp-Expire: sec-ch-ua-mobile: ?0X-Requested-TimeStamp-Combination: X-Requested-Type-Combination: GETContent-type: application/x-www-form-urlencodedX-Requested-Type: GETUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36X-Requested-with: XMLHttpRequestX-Requested-TimeStamp: sec-ch-ua-platform: "Windows"Accept: */*Origin: https://sothebys.us.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:50 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 3c1d1121-0435-480d-8908-ffd071725100x-ms-ests-server: 2.1.19005.8 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:50 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: de51e5f0-e1ac-4f13-b60e-d55775303802x-ms-ests-server: 2.1.18947.4 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:59 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: c8d8f28f-e568-41aa-86ad-1c83dcda6601x-ms-ests-server: 2.1.18947.4 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:59 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: no-store, no-cachex-ms-correlation-id: 8484d4f4-2f89-4f27-a280-545fc7796727x-ua-compatible: IE=Edgex-cache: CONFIG_NOCACHEx-msedge-ref: Ref A: 348E7884988748159C10FE19C1C28064 Ref B: BY3EDGE0505 Ref C: 2024-09-27T07:05:58Zaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:04 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 5809b10e-ef84-4d1c-9f38-e3900bfc0a00x-ms-ests-server: 2.1.19005.8 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: c8d8f28f-e568-41aa-86ad-1c8364de6601x-ms-ests-server: 2.1.18947.4 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 1dfbc23b-10c6-4d03-ab38-c7646db6a001x-ms-ests-server: 2.1.18947.4 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:30 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 80a8380c-ea75-4108-98cb-2887d6b06701x-ms-ests-server: 2.1.18947.4 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:43 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: de1382c1-dff5-4277-8ab3-ee3e00240600x-ms-ests-server: 2.1.19005.8 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:59 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: d7431b9b-59f5-4ccd-871f-1b14dbc46301x-ms-ests-server: 2.1.18947.4 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:

Source: chromecache_127.2.dr, chromecache_95.2.dr	String found in binary or memory: https://28e58987-4e5d42df.dcateam.com:443/Images/hipaudioplay.png?vv=100
Source: chromecache_127.2.dr	String found in binary or memory: https://46d74361-4e5d42df.dcateam.com/en-US/privacystatement
Source: chromecache_95.2.dr	String found in binary or memory: https://account.dcateam.com/resetpassword.aspx
Source: chromecache_127.2.dr	String found in binary or memory: https://wwwms.dcateam.com/en-US/servicesagreement/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2

Source: classification engine

Classification label: mal84.phis.win@18/114@42/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1944,i,14226714261646449891,17094810511241142371,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1944,i,14226714261646449891,17094810511241142371,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
143.110.153.1	179eef38-4e5d42df.dcateam.com	United States	30376	COLLEGE-OF-ST-SCHOLASTICAUS	true
239.255.255.250	unknown	Reserved	unknown	unknown	false
104.21.67.142	sothebys.us.com	United States	13335	CLOUDFLARENETUS	false
35.190.80.1	a.nel.cloudflare.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

Contacted Domains

Name	IP	Active
a.nel.cloudflare.com	35.190.80.1	true
179eef38-4e5d42df.dcateam.com	143.110.153.1	true
7a4e0ce6-4e5d42df.dcateam.com	143.110.153.1	true
28e58987-4e5d42df.dcateam.com	143.110.153.1	true
fp2e7a.wpc.phicdn.net	192.229.221.95	true
ca0bbba6-4e5d42df.dcateam.com	143.110.153.1	true
sothebys.us.com	104.21.67.142	true
03fe54c2-4e5d42df.dcateam.com	143.110.153.1	true
www.google.com	142.250.184.196	true
adobesign.dcateam.com	143.110.153.1	true
2c1fa62b-4e5d42df.dcateam.com	143.110.153.1	true
1f0e1fe2-4e5d42df.dcateam.com	143.110.153.1	true
df977804-4e5d42df.dcateam.com	143.110.153.1	true
l1ve.dcateam.com	143.110.153.1	true
4b8136b0-4e5d42df.dcateam.com	143.110.153.1	true

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://1f0e1fe2-4e5d42df.dcateam.com/ScriptResource.axd?d=QLrP6mIJ7ueSGHO76v9yfTImQUOtYCoOjHacorzH5TLKOrh9q9RxJn4yT2gwt-5hCto2xKcJLNcreE4qet4Lh8rEpzV0U1CdXTgP1HQS6sdYdfc3vDJz_AHQWhudWnHugQouXXFhySP7eLg7L_3MN7WQWeyz2NjjwVkoZ_qPHIuVWaKEoOm3CQ7ncbyZM4_YTXDCK8GCLjftpLcukJlboowfkGtZtJ8Ej00GYvDVARg1&t=7a0cc936	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/css/ltrStyle.css?v=1342177280	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/footer_logo_grey_bg.png	true	Avira URL Cloud: safe	unknown
https://a.nel.cloudflare.com/report/v4?s=iVNyW8%2FELp7FPA7yxgQAw8gpudMqbhihaB8ishQjNgbiNvsySEz739%2FXh9yyNwdXBSsYJgrZZqyg%2FBHjWITBrWAdLIb81vFVh6goXVlEmLdNzu4uNfpMvYQ1BqEnHSoyTok%3D	false	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	true	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=2101&client-request-id=ff6956b6-29fa-401b-8d05-526c61a9442d&hpgrequestid=987796c6-9c4e-44a5-905b-584683aa0b00	true	Avira URL Cloud: phishing	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/header_microsoft.png	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/favicon.ico?v=1342177280	true	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js	true	Avira URL Cloud: safe	unknown
https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx	true	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=#/	false		unknown
https://ca0bbba6-4e5d42df.dcateam.com/ajax/jQuery/jquery-3.6.0.min.js	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/hip_reload.png	true	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/Default.aspx/GetCaptchaChallenge	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/css/Style.css?v=1342177280	true	Avira URL Cloud: safe	unknown
https://7a4e0ce6-4e5d42df.dcateam.com/c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/illustration?ts=637944331833970061	true	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/favicon.ico	true	Avira URL Cloud: phishing	unknown
https://28e58987-4e5d42df.dcateam.com/Images/hipaudioplay.png?vv=100	true	Avira URL Cloud: safe	unknown
https://l1ve.dcateam.com/Me.htm?v=3	true	Avira URL Cloud: malware	unknown
https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	true		unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	true		unknown
https://sothebys.us.com/cdn-cgi/challenge-platform/scripts/jsd/main.js	false	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true	true	Avira URL Cloud: phishing	unknown
https://df977804-4e5d42df.dcateam.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/hip_text.gif	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/ScriptResource.axd?d=VOVMn-1ji7ptewpNKKe04Ptic_v4sQOkJoNbFSKTCgnJsUDWSYIRw2xt1tvPsTxUYZhIRTaUX9U_dbj8uphXZ0fSg0RHKflqXhImoGV7W_at39wE7F7NNSnjODDdnBpjRydn5povagbPAE8o6JMPhrtPc-X0tGWW1sDlhdiAl_QNQ2pOijcJ10WZjkyvuUaxYB0v6dTbanr2kY0nL-clTw2&t=ffffffffedc3492c	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/hip_speaker.png	true	Avira URL Cloud: safe	unknown
https://sothebys.us.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?	false	Avira URL Cloud: safe	unknown
https://7a4e0ce6-4e5d42df.dcateam.com/c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/bannerlogo?ts=637944331842360917	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/ScriptResource.axd?d=T0dtiwsjKq8gW-fIsAHJyvGnpZPh0iXezm0u3NfytbZ6-6TsiMM-tLKg1veJyjBNY_R3eWGKT7hbAEM4dL48sjZhOiEgfu5nu9KBaaEColWX9lEPD8FaiJMJS9w3E0b_PCJJB-U0Q-uXF00jBspnQFP7Izh7xg73UEYI_OsFKGUjtvZWehapPNjhxxovc4Gqlv_ui3xC40LE2RSikyfhYXQGc5YVZsDGR9yE_8mcw2o1&t=7a0cc936	true	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/4e5d42dfbe6c47edb237a2ec04853e46/	true	Avira URL Cloud: phishing	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/header_Microsoft.png	true		unknown
https://a.nel.cloudflare.com/report/v4?s=Aj1r5VfGyJBo2zvewhZDvdya1W8WZ99XgrF4YfcxfID3iN0IkUdv4abfIW756iVwrsjRPTckwUUmfGkIaiO6bWltXHE9uBA7FKZX7c9cKLJb9%2FX%2By6HKFueDzW7MlA5OGFY%3D	false	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/images/arrow_left_43280e0ba671a1d8b5e34f1931c4fe4b.svg	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/js/Button.js?v=1342177280	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/js/Webtrends.js	true	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg	true	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=	true	Avira URL Cloud: phishing	unknown
https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01	false		unknown
https://1f0e1fe2-4e5d42df.dcateam.com/WebResource.axd?d=YNhUFlNXinz8LgHwbL24RQH-ZbXxyvcr7OOnguhxng8ZuiFTPNJ9QXh8dtoptfX3BeFWG9A9Hk63eLbtbIxk0HvJhkP2FoYJavizwe94hutTawufYPfHJsHAawGlkTxEe6yX2kZBiYdQxI60gLHN2g2&t=638611486905325876	true	Avira URL Cloud: safe	unknown
https://adobesign.dcateam.com/common/instrumentation/dssostatus	true	Avira URL Cloud: phishing	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/WebResource.axd?d=PZp-UguzV3eiIgC9jthUzRVid1Zp7Yrh6GnWr6UFT7HZeGKMaINHyYeiOoYl901XG1SgokATq5Nqn3NEpiSXniqMwkj7V_kjzBmM_w8PfSJW9srpOcEZZbp1FPwrN8XzdR0AFY0bHhANU64v3ZJk5Q2&t=638611486905325876	true	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js	true	Avira URL Cloud: safe	unknown
https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2	true	Avira URL Cloud: safe	unknown
https://03fe54c2-4e5d42df.dcateam.com/gerhardtbraun.com/winauth/ssoprobe?client-request-id=b44ac550-9d30-4269-b060-549621628c56&_=1727420763655	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/js/Common.js	true	Avira URL Cloud: safe	unknown
https://df977804-4e5d42df.dcateam.com/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg	true	Avira URL Cloud: safe	unknown
https://1f0e1fe2-4e5d42df.dcateam.com/images/wait_animation.gif	true	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	ASCII text, with CRLF line terminators	90EA7274F19755002360945D54C2A0D7	647B5D8BF7D119A2C97895363A07A0C6EB8CD284	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
Chrome Cache Entry: 101	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 102	GIF image data, version 89a, 352 x 3	B540A8E518037192E32C4FE58BF2DBAB	3047C1DB97B86F6981E0AD2F96AF40CDF43511AF	8737D721808655F37B333F08A90185699E7E8B9BDAAA15CDB63C8448B426F95D
Chrome Cache Entry: 103	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced	8DC34013E911C5F68FC2BCA0400CB06F	16BAFA91AF100D65C4945F04E0C6E1643B98CF00	795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
Chrome Cache Entry: 104	PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced	C651D60A08FF0F579E2EB9BE6043A3C6	E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55	7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
Chrome Cache Entry: 105	PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced	36AFB641BECFAD75FED5F4E6E8C39268	2495652F017B7A06D796AFE9C4A06ECD54F9CCFE	5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
Chrome Cache Entry: 106	gzip compressed data, original size modulo 2^32 1864	2D2CBA7D7DC75F3BA9DC756738D41A6E	F87FD26066ED5E52A65DEE0ED2D581D3C3EA15AC	00E21864CF1BC70302EBB5B496C6C471A7DA8CBF600630B478A3E2376ED20EA2
Chrome Cache Entry: 107	ASCII text, with CRLF line terminators	E94DFE310FF05DFE9E92A9148EEA6EA0	97B23F3DDC6B03D0014FA8B10AA43391676D81AA	76A6F91320B6F1751CA594925489F82B76E7A22317AECEF4570AAF41C792B29B
Chrome Cache Entry: 108	ASCII text, with very long lines (8019), with no line terminators	BBA39522C679565A3E8ECC9E52D0181B	6305B121BF0547AE5A0FB5FCAEBCE6135ADE93BB	F8E9B21A93F1F16ACD9252B495CACA4A87AA2C392D33E40C8CBA5FC4C2A055B7
Chrome Cache Entry: 109	gzip compressed data, from Unix, original size modulo 2^32 57443	210F3C4E623D333CB94746CEC563DE09	887911B0BCA564AFEC25787B44A98F16EBF7ACA3	4792643ECEBF0EEAA641474C9A1BA39D16D2F924C6B5A6FCB8FC443A5FE59F44
Chrome Cache Entry: 110	ASCII text, with very long lines (8002), with no line terminators	88382055A56FB93EDE851F0215B352EC	510280AD06542734E31C241B55E0D80030E40A36	472B1D582EEB19D0286D8313A5AB6687F9A7A62987573563337BF317FA7DA829
Chrome Cache Entry: 111	ASCII text, with no line terminators	17C4BD96DCB397D1D62D24921BC4FEBA	2C0F2AFF858069D582A97867B183EBD5DC8A9FCB	3549DBC06BDD994A38C9A29AECD7E8F9577E2150D15F8D6B0533B4D250666514
Chrome Cache Entry: 112	ASCII text, with no line terminators	83ECEDC097388E43F538879B44917021	02D6D59675B34BD0AD4221DDA65DCBD0BAE4B975	8F62A87918F858544CF63EDA2A7DF74179757D72864C299785CD1D1FF04ED6E1
Chrome Cache Entry: 113	gzip compressed data, from Unix, original size modulo 2^32 26676	2FB2FD9DF5C898C4968E039238749E09	EE184EDAB6BF773D51C0923E4EDC67C44F92C10C	E1681A0D9C132F1571F30C4B843134748C2DFADE6A0E247C6D79B32B5C5AD25F
Chrome Cache Entry: 114	MS Windows icon resource - 5 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	ABC085EC44C02C0B349E93D9355C78EA	416D2489D3B1B45484649C9CC66FB64E52CB384C	2BE1245726043730B5ECFA1ED423A3B039B77903923074D084711AC673E43338
Chrome Cache Entry: 115	GIF image data, version 89a, 24 x 24	93DE6FB07C1382459E473381DA5D0E7E	4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A	E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
Chrome Cache Entry: 116	MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	7E0D59593F3377B72C29435C4B43954A	B4C5C39A6DFB460BBD2EACCEB09EC8079FB6A8E2	62D706019A0D80173113EF70FBBEE12F286E8E221534BE788448AADA4B14C8E8
Chrome Cache Entry: 117	ASCII text, with CRLF line terminators	90EA7274F19755002360945D54C2A0D7	647B5D8BF7D119A2C97895363A07A0C6EB8CD284	40732E9DCFA704CF615E4691BB07AECFD1CC5E063220A46E4A7FF6560C77F5DB
Chrome Cache Entry: 118	ASCII text, with CRLF line terminators	432C0225D4F996FA527B1DDA37FAF9B1	000B0E2D9E8E70B56FCC4DD5CDE19B6B6DA2CBE4	E7A2F12C0F145FA465B669F22F47FA9D7C43B6F67D2629FFE92F155C2FB009BF
Chrome Cache Entry: 119	PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced	D4FFE61373F6AA32EEB8CA7CD41AB980	4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674	D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
Chrome Cache Entry: 120	ASCII text, with CRLF line terminators	A870B45AC5D6B0D4E18C4829C7B660B4	2D3CA0E1F19EFDEB9B2DD3DCFFB17F8ABA118AA0	144524233F795D6A425B76F7AE5C0BB622B5F67E2E6AE73532AD526528CA07CF
Chrome Cache Entry: 121	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	ACA0F1B02DC406E76DDC5F2BDEBEC6CE	594C930BE86B8843377565E349D2A10F1755A13A	0446C6FD9AEB7DCD7CC089FA25323B1AE9AFA77B4CF8D4449F7D2D1B2467393A
Chrome Cache Entry: 122	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 123	gzip compressed data, original size modulo 2^32 513	44D8807C223B5C6DEF6E75A602F314EF	E061C196D771661D6C47336C50EAFE2B3BA14130	BA9816D7AF3E3B0EA5B6B34BAA0C99FE5EDCF4CA9BE30307AAA2956F994A8B1E
Chrome Cache Entry: 124	PNG image data, 16 x 25, 8-bit/color RGBA, non-interlaced	D4FFE61373F6AA32EEB8CA7CD41AB980	4925FAC4BC73EFB7C7BBC32B11C435ECF1D61674	D5C54FFC6B8BD44D932BE8F37B1CD5B666205C7574F9D56EF68E56F83E08FFAD
Chrome Cache Entry: 125	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3	1DF3C4BD11BC1117A65301DFC0C0F2B4	8E3282E938DC56B6B0CA8C9EEC7D83FF4ADCA186	4F735FC5298E852CFFF3665A0093D69B50066BC24F3F65BB2307C8B2A016F103
Chrome Cache Entry: 126	gzip compressed data, from Unix, original size modulo 2^32 26954	AA2C434CD228F2F66475A3DE6563810C	D973E6EA552AD17B5379CB44A0AEE3EBFBCA0EE7	F86E52667175BF496752323AE014CAAA4DF7C6982727815BDAD5633CFF68BCA2
Chrome Cache Entry: 127	HTML document, Unicode text, UTF-8 text, with very long lines (941), with CRLF line terminators	AAD8AC8D57A68AAAF81F85AD2E775EE4	3AFAC33F7516AB0EA84FAD4B03BAFB33DF05D186	F1DE16411135E626DE29E5FC05F3949D3781D06B78FE4946EB505FED1D1252B9
Chrome Cache Entry: 128	PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced	8DC34013E911C5F68FC2BCA0400CB06F	16BAFA91AF100D65C4945F04E0C6E1643B98CF00	795029D360C3D16233FCE96F1BFF13C261535C0885FAE806CFF766F32D96BCEE
Chrome Cache Entry: 129	gzip compressed data, from Unix, original size modulo 2^32 89501	08DF9F54C9E2E91DB3AADC1BAFF368A5	A8E6C9343489D3C36CF262A10F59D22540248C49	417453D1FCABA01D9543B7649FC12EE865E118714D5F86A8316216E9BB4FDD20
Chrome Cache Entry: 130	PNG image data, 338 x 72, 8-bit/color RGBA, non-interlaced	36AFB641BECFAD75FED5F4E6E8C39268	2495652F017B7A06D796AFE9C4A06ECD54F9CCFE	5C2192A3932CB78B431A1AC0F3F3D73414A31C63D5CB279F2687E58C72694200
Chrome Cache Entry: 131	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8EDFCD3F7A179CFF6B123DFF50F29770	7A2D9BB4B9F6072AB3049E6421021A5BA0A3DADF	D0B747C7F7414A08B0D5107832B2F4BB44A9BB4A3AAD28390F58EDE8BBEA6AE1
Chrome Cache Entry: 132	ASCII text, with CRLF line terminators	E94DFE310FF05DFE9E92A9148EEA6EA0	97B23F3DDC6B03D0014FA8B10AA43391676D81AA	76A6F91320B6F1751CA594925489F82B76E7A22317AECEF4570AAF41C792B29B
Chrome Cache Entry: 133	gzip compressed data, from Unix, original size modulo 2^32 89501	08DF9F54C9E2E91DB3AADC1BAFF368A5	A8E6C9343489D3C36CF262A10F59D22540248C49	417453D1FCABA01D9543B7649FC12EE865E118714D5F86A8316216E9BB4FDD20
Chrome Cache Entry: 134	gzip compressed data, from Unix, original size modulo 2^32 3500	0F12E5FF4607E22872A411BF973092EA	982F50B419E2A23416448AF2F7D7EBEC8959EFA9	10C0FA44F425F9F74AF25A951A02B3C95DBD58B97BAC29E29C94BD928BC24BAF
Chrome Cache Entry: 135	gzip compressed data, from Unix, original size modulo 2^32 102818	CDC64DE1D85D54CEC97BAB9650815EB0	46CBA3599C9235D2271F347D0DD7DCC79322BC6E	86E84F1B056E8C014A3500036B92B593CF6A3682CCB0A56A8A2441EB868AAEFE
Chrome Cache Entry: 136	gzip compressed data, from Unix, original size modulo 2^32 141804	8BF7AA066D97C09F5FF38E02DC963025	34236028759421895E8F2493EC66F36C4CBE1039	A4E7FCD44B2B49E8CC8D03CC26FFAB7F945816079A15382DD7684EEBE29D93DC
Chrome Cache Entry: 137	gzip compressed data, from Unix, original size modulo 2^32 102818	CDC64DE1D85D54CEC97BAB9650815EB0	46CBA3599C9235D2271F347D0DD7DCC79322BC6E	86E84F1B056E8C014A3500036B92B593CF6A3682CCB0A56A8A2441EB868AAEFE
Chrome Cache Entry: 138	gzip compressed data, from Unix, original size modulo 2^32 407064	B26E93E85E7D8B2B91D087E96BD1394F	61AA3BCCC2FD1001F0FB28201490E7A230FB20F9	2ECA5F68272899D17DFC51DABDDF6F935E9AFDAAD6F6BC9EC465EFA21467D02A
Chrome Cache Entry: 139	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 140	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 141	PNG image data, 17 x 25, 8-bit/color RGBA, non-interlaced	C651D60A08FF0F579E2EB9BE6043A3C6	E7BCBB896EEA20A4DC68EDD2EF5B336E92690A55	7B4B6ADAA1DDA648143A18A52B51DFAAB54775BDB6284DFF5C869235CD385230
Chrome Cache Entry: 142	gzip compressed data, from Unix, original size modulo 2^32 57443	210F3C4E623D333CB94746CEC563DE09	887911B0BCA564AFEC25787B44A98F16EBF7ACA3	4792643ECEBF0EEAA641474C9A1BA39D16D2F924C6B5A6FCB8FC443A5FE59F44
Chrome Cache Entry: 143	gzip compressed data, from Unix, original size modulo 2^32 15763	3D4C7FE4D5816B6455065DDA6CF6B2BB	3077F41D9E15D279D7E3654450F9B6915160D688	EB1205CB2E5F4A507D4ED95682E4016AF023C7495B7B5DFD4173C99284A111C2
Chrome Cache Entry: 144	gzip compressed data, original size modulo 2^32 1864	2D2CBA7D7DC75F3BA9DC756738D41A6E	F87FD26066ED5E52A65DEE0ED2D581D3C3EA15AC	00E21864CF1BC70302EBB5B496C6C471A7DA8CBF600630B478A3E2376ED20EA2
Chrome Cache Entry: 145	GIF image data, version 89a, 22 x 22	309B41EE7A44BD51E5D1B52CCC620E5B	B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08	F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
Chrome Cache Entry: 146	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	ACA0F1B02DC406E76DDC5F2BDEBEC6CE	594C930BE86B8843377565E349D2A10F1755A13A	0446C6FD9AEB7DCD7CC089FA25323B1AE9AFA77B4CF8D4449F7D2D1B2467393A
Chrome Cache Entry: 147	GIF image data, version 89a, 352 x 3	166DE53471265253AB3A456DEFE6DA23	17C6DF4D7CCF1FA2C9EFD716FBAE0FC2C71C8D6D	A46201581A7C7C667FD42787CD1E9ADF2F6BF809EFB7596E61A03E8DBA9ADA13
Chrome Cache Entry: 148	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 149	gzip compressed data, original size modulo 2^32 513	44D8807C223B5C6DEF6E75A602F314EF	E061C196D771661D6C47336C50EAFE2B3BA14130	BA9816D7AF3E3B0EA5B6B34BAA0C99FE5EDCF4CA9BE30307AAA2956F994A8B1E
Chrome Cache Entry: 150	PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced	BC89C1FBFBC227DC5A7ED9B2797E240D	8A9390297FDD0963C466CF2FD35D5B1F88A46B6A	744A8CD0A4D15DFCF4A5D2E832FF556D950F8AF24D7B66104AB2EF4FE2605D9A
Chrome Cache Entry: 77	GIF image data, version 89a, 22 x 22	309B41EE7A44BD51E5D1B52CCC620E5B	B162CE55DE01BF7C005F8CE4D4D7C32E7AEACA08	F213507641FD02EC43981535823474ECFDE973D1B33A6CD385F1F0827FD4B528
Chrome Cache Entry: 78	gzip compressed data, from Unix, original size modulo 2^32 40329	1F2EFD65E8F5FAB8BDB4C5C58B5266CD	DC0CF6C1245542368256F2BC455834F2BD2D82C2	B5ACEFB479F59D7954C3BD57DD769C4D489248C846186B7CBC3FDED601C3FD95
Chrome Cache Entry: 79	gzip compressed data, from Unix, original size modulo 2^32 113401	7E18E71D589531855CF589482EAB8174	05F69583C81A69910337CFC736EDC8CE67544DBF	7C0DF71DA7BB0F2C55BE83B8BA31FCA820E7F856CDA39A0BD009584B6FB36B3B
Chrome Cache Entry: 80	gzip compressed data, from Unix, original size modulo 2^32 449646	3A61E7C580F0A42E2162B611F6ED1D26	874A20E20C116194050F2EB8312C56C56438CB7C	8C3FE96C174D68626AF19917F2E66C62222937F4AEEC5E9881E15E8B9AC40DE7
Chrome Cache Entry: 81	ASCII text, with CRLF line terminators	A870B45AC5D6B0D4E18C4829C7B660B4	2D3CA0E1F19EFDEB9B2DD3DCFFB17F8ABA118AA0	144524233F795D6A425B76F7AE5C0BB622B5F67E2E6AE73532AD526528CA07CF
Chrome Cache Entry: 82	ASCII text, with CRLF line terminators	11FE4E6509513DB245F1F97E37C5D3AB	05322C35B6BFAE84CE8C626BD7B1F8C4A6F15A6D	78D437B40A85299F96ED9D02E35F23FD3D3EF63D844D8D2523A15516F7E1D09C
Chrome Cache Entry: 83	gzip compressed data, original size modulo 2^32 3651	DF6A7721C242813411CC6950DF40F9B3	B2068C4A65C183AAD6FC22A44CC1FA449CD355B4	AA53B6DC744357B392FC57C34E516BAE465D4A6837775C137A176D599C8EA948
Chrome Cache Entry: 84	gzip compressed data, from Unix, original size modulo 2^32 141804	8BF7AA066D97C09F5FF38E02DC963025	34236028759421895E8F2493EC66F36C4CBE1039	A4E7FCD44B2B49E8CC8D03CC26FFAB7F945816079A15382DD7684EEBE29D93DC
Chrome Cache Entry: 85	Unicode text, UTF-8 (with BOM) text, with CRLF line terminators	8EDFCD3F7A179CFF6B123DFF50F29770	7A2D9BB4B9F6072AB3049E6421021A5BA0A3DADF	D0B747C7F7414A08B0D5107832B2F4BB44A9BB4A3AAD28390F58EDE8BBEA6AE1
Chrome Cache Entry: 86	gzip compressed data, from Unix, original size modulo 2^32 407064	B26E93E85E7D8B2B91D087E96BD1394F	61AA3BCCC2FD1001F0FB28201490E7A230FB20F9	2ECA5F68272899D17DFC51DABDDF6F935E9AFDAAD6F6BC9EC465EFA21467D02A
Chrome Cache Entry: 87	MS Windows icon resource - 5 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	ABC085EC44C02C0B349E93D9355C78EA	416D2489D3B1B45484649C9CC66FB64E52CB384C	2BE1245726043730B5ECFA1ED423A3B039B77903923074D084711AC673E43338
Chrome Cache Entry: 88	GIF image data, version 89a, 24 x 24	93DE6FB07C1382459E473381DA5D0E7E	4E1208D482A7ABA8C86FDCF8E0E92C90BB8C8C8A	E97FA0CFE4B0A7BB22E9713A67D4667DA064E674A944D607E78F0D3BF48E57A5
Chrome Cache Entry: 89	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3	1DF3C4BD11BC1117A65301DFC0C0F2B4	8E3282E938DC56B6B0CA8C9EEC7D83FF4ADCA186	4F735FC5298E852CFFF3665A0093D69B50066BC24F3F65BB2307C8B2A016F103
Chrome Cache Entry: 90	MS Windows icon resource - 6 icons, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 24x24 with PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced, 32 bits/pixel	7E0D59593F3377B72C29435C4B43954A	B4C5C39A6DFB460BBD2EACCEB09EC8079FB6A8E2	62D706019A0D80173113EF70FBBEE12F286E8E221534BE788448AADA4B14C8E8
Chrome Cache Entry: 91	gzip compressed data, original size modulo 2^32 3651	DF6A7721C242813411CC6950DF40F9B3	B2068C4A65C183AAD6FC22A44CC1FA449CD355B4	AA53B6DC744357B392FC57C34E516BAE465D4A6837775C137A176D599C8EA948
Chrome Cache Entry: 92	gzip compressed data, from Unix, original size modulo 2^32 26676	2FB2FD9DF5C898C4968E039238749E09	EE184EDAB6BF773D51C0923E4EDC67C44F92C10C	E1681A0D9C132F1571F30C4B843134748C2DFADE6A0E247C6D79B32B5C5AD25F
Chrome Cache Entry: 93	PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced	4F27F04595C64508E99661F7DEB6EBFA	C144322771511766B54F060174B9E2190B389329	886B49EB656F6D537645567423DD29AD2763EC2D0BEDB880FF9245C2DADF7454
Chrome Cache Entry: 94	gzip compressed data, from Unix, original size modulo 2^32 15763	3D4C7FE4D5816B6455065DDA6CF6B2BB	3077F41D9E15D279D7E3654450F9B6915160D688	EB1205CB2E5F4A507D4ED95682E4016AF023C7495B7B5DFD4173C99284A111C2
Chrome Cache Entry: 95	HTML document, Unicode text, UTF-8 text, with very long lines (941), with CRLF line terminators	921AB505C853809C62A07EAA4FC045BE	E1CB32C38DA7BD4B027939BB19FBB4D096769914	0E5B8E53CCF06D4CB1E8A3FBFAB2D15747E7B3A76CF3954608143A476AA5EBBE
Chrome Cache Entry: 96	gzip compressed data, from Unix, original size modulo 2^32 449646	3A61E7C580F0A42E2162B611F6ED1D26	874A20E20C116194050F2EB8312C56C56438CB7C	8C3FE96C174D68626AF19917F2E66C62222937F4AEEC5E9881E15E8B9AC40DE7
Chrome Cache Entry: 97	gzip compressed data, from Unix, original size modulo 2^32 40329	1F2EFD65E8F5FAB8BDB4C5C58B5266CD	DC0CF6C1245542368256F2BC455834F2BD2D82C2	B5ACEFB479F59D7954C3BD57DD769C4D489248C846186B7CBC3FDED601C3FD95
Chrome Cache Entry: 98	gzip compressed data, from Unix, original size modulo 2^32 26954	AA2C434CD228F2F66475A3DE6563810C	D973E6EA552AD17B5379CB44A0AEE3EBFBCA0EE7	F86E52667175BF496752323AE014CAAA4DF7C6982727815BDAD5633CFF68BCA2
Chrome Cache Entry: 99	PNG image data, 280 x 60, 8-bit/color RGBA, non-interlaced	4F27F04595C64508E99661F7DEB6EBFA	C144322771511766B54F060174B9E2190B389329	886B49EB656F6D537645567423DD29AD2763EC2D0BEDB880FF9245C2DADF7454

AV Detection

Antivirus detection for URL or domain

Source: https://adobesign.dcateam.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=2101&client-request-id=ff6956b6-29fa-401b-8d05-526c61a9442d&hpgrequestid=987796c6-9c4e-44a5-905b-584683aa0b00	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/favicon.ico	Avira URL Cloud: Label: phishing
Source: https://l1ve.dcateam.com/Me.htm?v=3	Avira URL Cloud: Label: malware
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/4e5d42dfbe6c47edb237a2ec04853e46/	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=	Avira URL Cloud: Label: phishing
Source: https://adobesign.dcateam.com/common/instrumentation/dssostatus	Avira URL Cloud: Label: phishing

Phishing

AI detected phishing page

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	LLM: Score: 9 Reasons: The brand 'Adobe' is well-known and commonly associated with the domain 'adobe.com'., The URL 'adobesign.dcateam.com' does not match the legitimate domain 'adobe.com'., The presence of 'dcateam.com' as the main domain is suspicious and not associated with Adobe., The use of subdomain 'adobesign' could be an attempt to mimic a legitimate Adobe service., The input fields for 'Sign in with Google', 'Sign in with Apple', 'Phone', 'email', and 'username' are common targets for phishing attempts. DOM: 5.8.pages.csv
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	LLM: Score: 9 Reasons: The brand 'Adobe' is well-known and commonly associated with the domain 'adobe.com'., The URL 'adobesign.dcateam.com' does not match the legitimate domain 'adobe.com'., The presence of 'dcateam.com' as the main domain is suspicious and not associated with Adobe., The use of subdomains like 'adobesign' can be a tactic to mislead users into thinking the site is legitimate., The input fields for 'Sign in with Google', 'Sign in with Apple', 'Phone', 'email', and 'username' are common in phishing sites to capture sensitive information. DOM: 5.10.pages.csv
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known brand., The URL '1f0e1fe2-4e5d42df.dcateam.com' does not match the legitimate domain 'microsoft.com'., The URL contains suspicious elements such as a random string and an unrelated domain 'dcateam.com'., The presence of input fields asking for 'Email or Username' is common in phishing attempts targeting Microsoft accounts. DOM: 11.12.pages.csv
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	LLM: Score: 9 Reasons: The brand 'Microsoft' is a well-known brand., The URL '1f0e1fe2-4e5d42df.dcateam.com' does not match the legitimate domain 'microsoft.com'., The domain 'dcateam.com' is not associated with Microsoft., The presence of a subdomain '1f0e1fe2-4e5d42df' is unusual and suspicious., The URL structure and domain name do not align with Microsoft's typical URL patterns. DOM: 11.11.pages.csv

Yara detected HtmlPhish54

Source: Yara match	File source: 2.7.id.script.csv, type: HTML
Source: Yara match	File source: 5.14.id.script.csv, type: HTML
Source: Yara match	File source: 2.4.pages.csv, type: HTML
Source: Yara match	File source: 5.7.pages.csv, type: HTML
Source: Yara match	File source: 5.5.pages.csv, type: HTML
Source: Yara match	File source: 5.9.pages.csv, type: HTML
Source: Yara match	File source: 5.10.pages.csv, type: HTML

Phishing site detected (based on favicon image match)

Source: https://dcateam.com	Matcher: Template: microsoft matched with high similarity
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	Matcher: Template: microsoft matched with high similarity

Phishing site detected (based on image similarity)

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	Matcher: Found strong image similarity, brand: MICROSOFT
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	Matcher: Found strong image similarity, brand: MICROSOFT

Phishing site detected (based on logo match)

Matcher: Template: microsoft matched

Detected hidden input values containing email addresses (often used in phishing pages)

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=

HTTP Parser: robin.wicht@gerhardtbraun.com

Found iframes

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Iframe src: https://4b8136b0-4e5d42df.dcateam.com/Prefetch/Prefetch.aspx

HTML body contains low number of good links

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: Number of links: 0
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

Source: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01

HTTP Parser: Base64 decoded: 1727420731.000000

HTML title does not match URL

HTTP Parser: Title: Microsoft Online Password Reset does not match URL

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=

HTTP Parser: <input type="password" .../> found

Source: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=#/	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No favicon

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="author".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="author".. found

Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true#/=	HTTP Parser: No <meta name="copyright".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found
Source: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2

Networking

Suricata IDS alerts for network traffic

Source: Network traffic

Suricata IDS: 2857090 - Severity 1 - ETPRO PHISHING JS/PsyduckPockeball Payload Inbound : 143.110.153.1:443 -> 192.168.2.4:49750

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: sothebys.us.com to https://adobesign.dcateam.com/?amp=cm9iaw4ud2ljahraz2vyagfyzhricmf1bi5jb20=#/

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	TCP traffic detected without corresponding DNS query: 2.19.126.163
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01 HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01 HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; zEnEuj91S7R0AJxSrRV_wCsAUQA=1727420731; S-f7HVeKw3jZHc7j-xrPP51lHEE=1727507131; ZDbk1gXpcq4Sa0Y9D2ZondlRw74=ddeVUrWg4K0z9D9rVjM4_Oo0L9I
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y
Source: global traffic	HTTP traffic detected: GET /?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20= HTTP/1.1Host: adobesign.dcateam.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://sothebys.us.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1Host: sothebys.us.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; zEnEuj91S7R0AJxSrRV_wCsAUQA=1727420731; S-f7HVeKw3jZHc7j-xrPP51lHEE=1727507131; ZDbk1gXpcq4Sa0Y9D2ZondlRw74=ddeVUrWg4K0z9D9rVjM4_Oo0L9I
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js? HTTP/1.1Host: sothebys.us.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: HAz-Wbl9GKvIEuF_L5lv3e1nbss=59Kqvn-q5UDn-mdyXpjVxh_UROw; JCP4CflCHpO2_gdMLTXljE1Wv-A=1727420730; RK85AiOiZfaFCvUBHPTBWlXZsnc=1727507130; 5u5dBiYBm6Bo14uCxnG75umgues=Vx_VEvhMfXTVanpK7_Tdxl2n_us; ZuEkyrklGF1CBRt5A7qtYcXb9O4=cRrl2AzWkJYyEFavDJ0CEiHqe8Y; zEnEuj91S7R0AJxSrRV_wCsAUQA=1727420731; S-f7HVeKw3jZHc7j-xrPP51lHEE=1727507131; ZDbk1gXpcq4Sa0Y9D2ZondlRw74=ddeVUrWg4K0z9D9rVjM4_Oo0L9I
Source: global traffic	HTTP traffic detected: GET /?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20= HTTP/1.1Host: adobesign.dcateam.comConnection: keep-aliveCache-Control: max-age=0Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="Sec-WebSocket-Key: BK7cgLnhOMl+72vZJujZww==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=&sso_reload=true HTTP/1.1Host: adobesign.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: adobesign.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/?amp=cm9iaW4ud2ljaHRAZ2VyaGFyZHRicmF1bi5jb20=Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/BssoInterrupt_Core_JQnUxWSvwsd9FrpspQmznw2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: styleReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://adobesign.dcateam.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_1yb3e7oii5t28dgo4xrtow2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Me.htm?v=3 HTTP/1.1Host: l1ve.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Purpose: prefetchSec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1Sec-WebSocket-Key: O834Uy+T8XhGHYHcS9oPPg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/ConvergedLogin_PCore_ELtAAt2Ya8ISGuc0PJcBKA2.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Prefetch/Prefetch.aspx HTTP/1.1Host: 4b8136b0-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: 4nw7/LxYBR7aP0GWOgGl+w==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /gerhardtbraun.com/winauth/ssoprobe?client-request-id=b44ac550-9d30-4269-b060-549621628c56&_=1727420763655 HTTP/1.1Host: 03fe54c2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: wVHOkK9KB569Pe9Zci0xYg==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /common/instrumentation/dssostatus HTTP/1.1Host: adobesign.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_89db715e3340a2e8ecd8.js HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/illustration?ts=637944331833970061 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/arrow_left_43280e0ba671a1d8b5e34f1931c4fe4b.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/bannerlogo?ts=637944331842360917 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://adobesign.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /shared/1.0/content/images/arrow_left_43280e0ba671a1d8b5e34f1931c4fe4b.svg HTTP/1.1Host: df977804-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/bannerlogo?ts=637944331842360917 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /c1c6b6c8-mon5obab8f9fj-3gyrormlqfhpfpsikkzhrzv9m-1f0/logintenantbranding/0/illustration?ts=637944331833970061 HTTP/1.1Host: 7a4e0ce6-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: k+vuWlQhA+kUSVOgsJKvog==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: JZCM5nSMkDeS9otzyUrcWA==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Common.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1Host: ca0bbba6-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /css/Style.css?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /css/ltrStyle.css?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Webtrends.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Images/hipaudioplay.png?vv=100 HTTP/1.1Host: 28e58987-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=PZp-UguzV3eiIgC9jthUzRVid1Zp7Yrh6GnWr6UFT7HZeGKMaINHyYeiOoYl901XG1SgokATq5Nqn3NEpiSXniqMwkj7V_kjzBmM_w8PfSJW9srpOcEZZbp1FPwrN8XzdR0AFY0bHhANU64v3ZJk5Q2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Button.js?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; SSOCOOKIEPULLED=1; brcap=0Sec-WebSocket-Key: 4/yluPgr/ctTJPA9aEfagw==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=VOVMn-1ji7ptewpNKKe04Ptic_v4sQOkJoNbFSKTCgnJsUDWSYIRw2xt1tvPsTxUYZhIRTaUX9U_dbj8uphXZ0fSg0RHKflqXhImoGV7W_at39wE7F7NNSnjODDdnBpjRydn5povagbPAE8o6JMPhrtPc-X0tGWW1sDlhdiAl_QNQ2pOijcJ10WZjkyvuUaxYB0v6dTbanr2kY0nL-clTw2&t=ffffffffedc3492c HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Common.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=QLrP6mIJ7ueSGHO76v9yfTImQUOtYCoOjHacorzH5TLKOrh9q9RxJn4yT2gwt-5hCto2xKcJLNcreE4qet4Lh8rEpzV0U1CdXTgP1HQS6sdYdfc3vDJz_AHQWhudWnHugQouXXFhySP7eLg7L_3MN7WQWeyz2NjjwVkoZ_qPHIuVWaKEoOm3CQ7ncbyZM4_YTXDCK8GCLjftpLcukJlboowfkGtZtJ8Ej00GYvDVARg1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Images/hipaudioplay.png?vv=100 HTTP/1.1Host: 28e58987-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=T0dtiwsjKq8gW-fIsAHJyvGnpZPh0iXezm0u3NfytbZ6-6TsiMM-tLKg1veJyjBNY_R3eWGKT7hbAEM4dL48sjZhOiEgfu5nu9KBaaEColWX9lEPD8FaiJMJS9w3E0b_PCJJB-U0Q-uXF00jBspnQFP7Izh7xg73UEYI_OsFKGUjtvZWehapPNjhxxovc4Gqlv_ui3xC40LE2RSikyfhYXQGc5YVZsDGR9yE_8mcw2o1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Button.js?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=YNhUFlNXinz8LgHwbL24RQH-ZbXxyvcr7OOnguhxng8ZuiFTPNJ9QXh8dtoptfX3BeFWG9A9Hk63eLbtbIxk0HvJhkP2FoYJavizwe94hutTawufYPfHJsHAawGlkTxEe6yX2kZBiYdQxI60gLHN2g2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=PZp-UguzV3eiIgC9jthUzRVid1Zp7Yrh6GnWr6UFT7HZeGKMaINHyYeiOoYl901XG1SgokATq5Nqn3NEpiSXniqMwkj7V_kjzBmM_w8PfSJW9srpOcEZZbp1FPwrN8XzdR0AFY0bHhANU64v3ZJk5Q2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ajax/jQuery/jquery-3.6.0.min.js HTTP/1.1Host: ca0bbba6-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/wait_animation.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /js/Webtrends.js HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=VOVMn-1ji7ptewpNKKe04Ptic_v4sQOkJoNbFSKTCgnJsUDWSYIRw2xt1tvPsTxUYZhIRTaUX9U_dbj8uphXZ0fSg0RHKflqXhImoGV7W_at39wE7F7NNSnjODDdnBpjRydn5povagbPAE8o6JMPhrtPc-X0tGWW1sDlhdiAl_QNQ2pOijcJ10WZjkyvuUaxYB0v6dTbanr2kY0nL-clTw2&t=ffffffffedc3492c HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_speaker.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_text.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_reload.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/footer_logo_grey_bg.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=T0dtiwsjKq8gW-fIsAHJyvGnpZPh0iXezm0u3NfytbZ6-6TsiMM-tLKg1veJyjBNY_R3eWGKT7hbAEM4dL48sjZhOiEgfu5nu9KBaaEColWX9lEPD8FaiJMJS9w3E0b_PCJJB-U0Q-uXF00jBspnQFP7Izh7xg73UEYI_OsFKGUjtvZWehapPNjhxxovc4Gqlv_ui3xC40LE2RSikyfhYXQGc5YVZsDGR9yE_8mcw2o1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=YNhUFlNXinz8LgHwbL24RQH-ZbXxyvcr7OOnguhxng8ZuiFTPNJ9QXh8dtoptfX3BeFWG9A9Hk63eLbtbIxk0HvJhkP2FoYJavizwe94hutTawufYPfHJsHAawGlkTxEe6yX2kZBiYdQxI60gLHN2g2&t=638611486905325876 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=QLrP6mIJ7ueSGHO76v9yfTImQUOtYCoOjHacorzH5TLKOrh9q9RxJn4yT2gwt-5hCto2xKcJLNcreE4qet4Lh8rEpzV0U1CdXTgP1HQS6sdYdfc3vDJz_AHQWhudWnHugQouXXFhySP7eLg7L_3MN7WQWeyz2NjjwVkoZ_qPHIuVWaKEoOm3CQ7ncbyZM4_YTXDCK8GCLjftpLcukJlboowfkGtZtJ8Ej00GYvDVARg1&t=7a0cc936 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/wait_animation.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_speaker.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_Microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://1f0e1fe2-4e5d42df.dcateam.com/?ru=https%3a%2f%2fadobesign.dcateam.com%2fcommon%2freprocess%3fctx%3drQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuAQCjnptMZib6bQhIWSaYlJP2CpGZcJG6F9gZHzByDiJSbYoPykzT688MzmjxCE9tSgjsSilJKkosTQPpOwWk6B_UbpnSnixW2pKalFiSWZ-3iNm_HousAi8YuExYLbi4OASYJBgUGD4wcK4iBXo0uaJ--MYuA1cNx6RO6G_k4fhFKu-r4WJY2CRT1F2ZFm-l3NkvneaY7lJbnBZUlW5aaVJRG65e1KUs2ekX0hIua2RleEENqEJbEyn2Bg-sDF2sDPMYmc4wMl4gJfhB9-xN4e6197Y_s7jFb9OWXmwm1FySkGkoVdghktEkrG3gVFFmqNbRJGzd0llsl9Ufpi5Z4STWWZIse0GAYYHAgwA0&mkt=en-US&hosted=0&device_platform=Windows+10Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_text.gif HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /Default.aspx/GetCaptchaChallenge HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/hip_reload.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/footer_logo_grey_bg.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /images/header_Microsoft.png HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /favicon.ico?v=1342177280 HTTP/1.1Host: 1f0e1fe2-4e5d42df.dcateam.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="
Source: global traffic	HTTP traffic detected: GET /4e5d42dfbe6c47edb237a2ec04853e46/ HTTP/1.1Host: adobesign.dcateam.comConnection: UpgradePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Upgrade: websocketOrigin: https://adobesign.dcateam.comSec-WebSocket-Version: 13Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: 3TAkb9="NGU1ZDQyZGYtYmU2Yy00N2VkLWIyMzctYTJlYzA0ODUzZTQ2OjQyZWM3ZTEwLWEwNzgtNDZmYy04ZDIxLTA5YjI0NTI1NDRiNg=="; AADSSO=NA\|NoExtension; brcap=0Sec-WebSocket-Key: hENaFnLpPPVT4rEBWOB/7Q==Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

Source: global traffic	DNS traffic detected: DNS query: sothebys.us.com
Source: global traffic	DNS traffic detected: DNS query: a.nel.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: adobesign.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: df977804-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 179eef38-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: l1ve.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 4b8136b0-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 03fe54c2-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 7a4e0ce6-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 2c1fa62b-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 1f0e1fe2-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: ca0bbba6-4e5d42df.dcateam.com
Source: global traffic	DNS traffic detected: DNS query: 28e58987-4e5d42df.dcateam.com

Source: unknown

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:50 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 3c1d1121-0435-480d-8908-ffd071725100x-ms-ests-server: 2.1.19005.8 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:50 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: de51e5f0-e1ac-4f13-b60e-d55775303802x-ms-ests-server: 2.1.18947.4 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:59 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: c8d8f28f-e568-41aa-86ad-1c83dcda6601x-ms-ests-server: 2.1.18947.4 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:05:59 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: no-store, no-cachex-ms-correlation-id: 8484d4f4-2f89-4f27-a280-545fc7796727x-ua-compatible: IE=Edgex-cache: CONFIG_NOCACHEx-msedge-ref: Ref A: 348E7884988748159C10FE19C1C28064 Ref B: BY3EDGE0505 Ref C: 2024-09-27T07:05:58Zaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:04 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 5809b10e-ef84-4d1c-9f38-e3900bfc0a00x-ms-ests-server: 2.1.19005.8 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: c8d8f28f-e568-41aa-86ad-1c8364de6601x-ms-ests-server: 2.1.18947.4 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:22 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 1dfbc23b-10c6-4d03-ab38-c7646db6a001x-ms-ests-server: 2.1.18947.4 - SEC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:30 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: 80a8380c-ea75-4108-98cb-2887d6b06701x-ms-ests-server: 2.1.18947.4 - NEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:43 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: de1382c1-dff5-4277-8ab3-ee3e00240600x-ms-ests-server: 2.1.19005.8 - WEULR1 ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Fri, 27 Sep 2024 07:06:59 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: closeVary: Accept-Encodingcache-control: privatep3p: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: d7431b9b-59f5-4ccd-871f-1b14dbc46301x-ms-ests-server: 2.1.18947.4 - FRC ProdSlicesreport-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://2c1fa62b-4e5d42df.dcateam.com/api/report?catId=GW+estsfd+dub2"}]}nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}x-ms-srs: 1.Preferrer-policy: strict-origin-when-cross-originaccess-control-allow-origin: access-control-allow-headers:

Source: chromecache_127.2.dr, chromecache_95.2.dr	String found in binary or memory: https://28e58987-4e5d42df.dcateam.com:443/Images/hipaudioplay.png?vv=100
Source: chromecache_127.2.dr	String found in binary or memory: https://46d74361-4e5d42df.dcateam.com/en-US/privacystatement
Source: chromecache_95.2.dr	String found in binary or memory: https://account.dcateam.com/resetpassword.aspx
Source: chromecache_127.2.dr	String found in binary or memory: https://wwwms.dcateam.com/en-US/servicesagreement/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49833 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49753 version: TLS 1.2

Source: classification engine

Classification label: mal84.phis.win@18/114@42/6

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1944,i,14226714261646449891,17094810511241142371,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1944,i,14226714261646449891,17094810511241142371,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1520358
Product:	CloudBasic
Start time:	09:04:28
Start date:	27.09.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://sothebys.us.com/4RAoTxB4GI1Anz01wI1Achm3T2APW4Q3E4RAha4RA4DCm3TB4G4RAaunz01coTxq01