Windows Analysis Report
https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa

Overview

General Information

Sample URL:	https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa
Analysis ID:	1592049
Infos:

Detection

Score:	2
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

HTML page contains hidden javascript code

Suspicious form URL found

Uses insecure TLS / SSL version for HTTPS connection

Classification

Signatures

HTML body contains low number of good links

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

HTTP Parser: Base64 decoded: UQUWRXUS

Suspicious form URL found

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: Form action: https://brightmorningteam.activehosted.com/proc.php
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: Form action: https://brightmorningteam.activehosted.com/proc.php
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: Form action: https://brightmorningteam.activehosted.com/proc.php

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No favicon
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No favicon

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="author".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="author".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="author".. found

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="copyright".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="copyright".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49739 version: TLS 1.0

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49739 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa HTTP/1.1Host: brightmorningteam.acemlna.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa HTTP/1.1Host: brightmorningteam.activehosted.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter HTTP/1.1Host: brightmorningteam.activehosted.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=b9a06b09005a9b79715498452db0aa11; cmp1002421028=cac6fe7aae12600ddd5aad7d35539d3d; __cf_bm=CXxpCkriJkyztbw511PsFob4a8dfiIn0gxcMk4w4FEg-1736959597-1.0.1.1-BkXAykHCgwHNPIrxsbxGvonLIhp8DasUlErREFG543mcOf34W6nJC1aMasCVyj4zF6KDnmBcwkD9v6C810iigQ
Source: global traffic	HTTP traffic detected: GET /ZzEmW/2024/11/07/0ec39b53-b720-4ff5-9d4e-80ae5d2b0133.png HTTP/1.1Host: content.app-us1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css?family=open-sans:400,700 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /diffuser/diffuser.js HTTP/1.1Host: diffuser-cdn.app-us1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?onload=recaptcha_callback&render=explicit HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-latin-400-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-symbols-700-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-symbols-400-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-latin-700-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /diffuser/diffuser.js HTTP/1.1Host: diffuser-cdn.app-us1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?a=1002421028&u=https%3A%2F%2Fbrightmorningteam.activehosted.com%2Ff%2F158%3Fs%3Dc7bc722fa31ed07a45768c9be8733ff5%26nl%3D1%26c%3D1728%26m%3D9908%26utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DNeuroscience%2520tips%2520for%2520better%2520team%2520leadership%26utm_campaign%3DM%252C%25201%252F13%252F25%2520-%2520Newsletter HTTP/1.1Host: prism.app-us1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ZzEmW/2024/11/07/0ec39b53-b720-4ff5-9d4e-80ae5d2b0133.png HTTP/1.1Host: content.app-us1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?onload=recaptcha_callback&render=explicit HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?a=1002421028&u=https%3A%2F%2Fbrightmorningteam.activehosted.com%2Ff%2F158%3Fs%3Dc7bc722fa31ed07a45768c9be8733ff5%26nl%3D1%26c%3D1728%26m%3D9908%26utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DNeuroscience%2520tips%2520for%2520better%2520team%2520leadership%26utm_campaign%3DM%252C%25201%252F13%252F25%2520-%2520Newsletter HTTP/1.1Host: prism.app-us1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: prism_1002421028=665e1bfa-4f19-41c8-beed-eee1a7a78791
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfz HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfzAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfzAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1.278.2.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /media/favicon.ico HTTP/1.1Host: d3rxaij56vjege.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1.278.2.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /media/favicon.ico HTTP/1.1Host: d3rxaij56vjege.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=10822&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605&af=err,spa,xhr,stn,ins&ap=322&be=2643&fe=7361&dc=1116&at=HxVHFgsdRU4UBRZfSBlK&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1736959595292,%22n%22:0,%22f%22:1713,%22dn%22:1716,%22dne%22:1716,%22c%22:1716,%22s%22:1717,%22ce%22:2175,%22rq%22:2175,%22rp%22:2643,%22rpe%22:2911,%22di%22:3758,%22ds%22:3758,%22de%22:3759,%22dc%22:9998,%22l%22:9998,%22le%22:10004%7D,%22navigation%22:%7B%7D%7D&fp=3767&fcp=3767 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /events/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=11489&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /events/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=41493&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jserrors/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=41499&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jserrors/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=71509&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: brightmorningteam.acemlna.com
Source: global traffic	DNS traffic detected: DNS query: brightmorningteam.activehosted.com
Source: global traffic	DNS traffic detected: DNS query: fonts.bunny.net
Source: global traffic	DNS traffic detected: DNS query: content.app-us1.com
Source: global traffic	DNS traffic detected: DNS query: diffuser-cdn.app-us1.com
Source: global traffic	DNS traffic detected: DNS query: prism.app-us1.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: d3rxaij56vjege.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net

Source: chromecache_63.2.dr	String found in binary or memory: https://brightmorningteam.activehosted.com/proc.php
Source: chromecache_63.2.dr	String found in binary or memory: https://brightmorningteam.activehosted.com/proc.php?
Source: chromecache_63.2.dr	String found in binary or memory: https://brightmorningteam.activehosted.com/proc.php?jsonp=true
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_63.2.dr	String found in binary or memory: https://d226aj4ao1t61q.cloudfront.net/haao08fw5_ac_symbol_blue.png
Source: chromecache_63.2.dr	String found in binary or memory: https://d3rxaij56vjege.cloudfront.net/media/favicon.ico
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_63.2.dr	String found in binary or memory: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Source: chromecache_63.2.dr	String found in binary or memory: https://fonts.bunny.net/css?family=open-sans:400
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-700-normal.woff2)
Source: chromecache_92.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_63.2.dr	String found in binary or memory: https://unpkg.com/intl-tel-input
Source: chromecache_63.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?onload=recaptcha_callback&render=explicit
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr, chromecache_72.2.dr, chromecache_91.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_65.2.dr, chromecache_72.2.dr, chromecache_91.2.dr, chromecache_68.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: classification engine

Classification label: clean2.win@18/54@40/16

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 --field-trial-handle=2364,i,14294915167031781044,245127136332851644,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 --field-trial-handle=2364,i,14294915167031781044,245127136332851644,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.245.45.143	d3rxaij56vjege.cloudfront.net	United States	16509	AMAZON-02US	false
104.18.128.216	unknown	United States	13335	CLOUDFLARENETUS	false
162.247.243.39	js-agent.newrelic.com	United States	13335	CLOUDFLARENETUS	false
18.245.45.59	unknown	United States	16509	AMAZON-02US	false
142.250.185.68	unknown	United States	15169	GOOGLEUS	false
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
216.58.206.68	unknown	United States	15169	GOOGLEUS	false
169.150.236.105	bunnyfonts.b-cdn.net	United States	2711	SPIRITTEL-ASUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
54.82.80.250	brightmorningteam.acemlna.com	United States	14618	AMAZON-AESUS	false
104.17.205.31	brightmorningteam.activehosted.com	United States	13335	CLOUDFLARENETUS	false
142.250.181.228	www.google.com	United States	15169	GOOGLEUS	false
162.247.243.29	fastly-tls12-bam.nr-data.net	United States	13335	CLOUDFLARENETUS	false
104.17.31.174	prism.app-us1.com	United States	13335	CLOUDFLARENETUS	false

Private

IP
192.168.2.16
192.168.2.4

Contacted Domains

Name	IP	Active
brightmorningteam.activehosted.com	104.17.205.31	true
fastly-tls12-bam.nr-data.net	162.247.243.29	true
prism.app-us1.com	104.17.31.174	true
brightmorningteam.acemlna.com	54.82.80.250	true
content.app-us1.com	104.17.31.174	true
diffuser-cdn.app-us1.com	104.17.31.174	true
js-agent.newrelic.com	162.247.243.39	true
www.google.com	142.250.181.228	true
d3rxaij56vjege.cloudfront.net	18.245.45.143	true
bunnyfonts.b-cdn.net	169.150.236.105	true
fonts.bunny.net	unknown	unknown
bam.nr-data.net	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://bam.nr-data.net/jserrors/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=71509&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605	false		high
https://bam.nr-data.net/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=10822&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605&af=err,spa,xhr,stn,ins&ap=322&be=2643&fe=7361&dc=1116&at=HxVHFgsdRU4UBRZfSBlK&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1736959595292,%22n%22:0,%22f%22:1713,%22dn%22:1716,%22dne%22:1716,%22c%22:1716,%22s%22:1717,%22ce%22:2175,%22rq%22:2175,%22rp%22:2643,%22rpe%22:2911,%22di%22:3758,%22ds%22:3758,%22de%22:3759,%22dc%22:9998,%22l%22:9998,%22le%22:10004%7D,%22navigation%22:%7B%7D%7D&fp=3767&fcp=3767	false		high
https://prism.app-us1.com/?a=1002421028&u=https%3A%2F%2Fbrightmorningteam.activehosted.com%2Ff%2F158%3Fs%3Dc7bc722fa31ed07a45768c9be8733ff5%26nl%3D1%26c%3D1728%26m%3D9908%26utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DNeuroscience%2520tips%2520for%2520better%2520team%2520leadership%26utm_campaign%3DM%252C%25201%252F13%252F25%2520-%2520Newsletter	false		high
https://www.google.com/js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js	false		high
https://fonts.bunny.net/open-sans/files/open-sans-symbols-400-normal.woff2	false		high
https://www.google.com/recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go	false		high
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js	false		high
https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2	false		high
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF	false		high
https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa	false		unknown
https://bam.nr-data.net/jserrors/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=41499&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605	false		high
https://bam.nr-data.net/events/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=41493&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605	false		high
https://fonts.bunny.net/open-sans/files/open-sans-latin-700-normal.woff2	false		high
https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	false		unknown
https://content.app-us1.com/ZzEmW/2024/11/07/0ec39b53-b720-4ff5-9d4e-80ae5d2b0133.png	false		high
https://d3rxaij56vjege.cloudfront.net/media/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfz	false		high
https://js-agent.newrelic.com/nr-spa-1.278.2.min.js	false		high
https://fonts.bunny.net/css?family=open-sans:400,700	false		high
https://bam.nr-data.net/events/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=11489&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605	false		high
https://fonts.bunny.net/open-sans/files/open-sans-symbols-700-normal.woff2	false		high
https://brightmorningteam.activehosted.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa	false	Avira URL Cloud: safe	unknown

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 60	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 61	Web Open Font Format (Version 2), TrueType, length 15344, version 1.0	5D4AEB4E5F5EF754E307D7FFAEF688BD	06DB651CDF354C64A7383EA9C77024EF4FB4CEF8	3E253B66056519AA065B00A453BAC37AC5ED8F3E6FE7B542E93A9DCDCC11D0BC
Chrome Cache Entry: 62	Unicode text, UTF-8 text, with very long lines (33260), with no line terminators	234346615B452270C8EE1158258C83BB	6073CDEAED3A3C4005FA766BD9A8573B07DE2459	26DB36707844FA367F47C47B4B614DB27A608286FE71D9FF8C3012DBE71C5499
Chrome Cache Entry: 63	HTML document, ASCII text, with very long lines (58863)	E65047845635CED73943597998E6F1E2	1A8C72BE57304D9199853D7E0A34830DC1B25369	C62DFD8F01A1C2B640D05ECADE87AC8158F37C416DEB61E590669F3F77A95C4A
Chrome Cache Entry: 64	ASCII text, with very long lines (65460)	1C1F4D86AF33DFBDE894FED8BE69496E	F70558267E35B333E926FA72B725F5E8785981EC	853A2ECAC03D6311DC032989D9D3CA69ED9B77789C6885C8F634EBA9111C33F9
Chrome Cache Entry: 65	ASCII text, with no line terminators	C206147C7CAE99642A4F8A2C640A0019	8C32B7B7E0807BBE85E5C8C94F87AFEA31EEDC40	6F55ADBECCE78B9C566F8DC830177DC91782702FF35F213F009FC2B902E25603
Chrome Cache Entry: 66	Web Open Font Format (Version 2), TrueType, length 18260, version 1.0	36F81686BBF993FBFE3AED9AE2F55E5B	5D18E2D5E48E0F5BA172E7477EED432541087402	114F872ABF6CAE70383B09CA2168821991FDE718702D79CDC457A49B03560CB0
Chrome Cache Entry: 67	Web Open Font Format (Version 2), TrueType, length 10180, version 1.0	31C3253C6146D2A15CEDFCFBC975EF7D	11F185BE446D870DDBAA7BFFF3382E428DDDF853	37C813E5C95A107D3992C300F1B03A488E70570166EB45687FEDAB8D1F3B6C7B
Chrome Cache Entry: 68	ASCII text, with no line terminators	C206147C7CAE99642A4F8A2C640A0019	8C32B7B7E0807BBE85E5C8C94F87AFEA31EEDC40	6F55ADBECCE78B9C566F8DC830177DC91782702FF35F213F009FC2B902E25603
Chrome Cache Entry: 69	JSON data	8E3DB10AF5A3E1CABE7AA67674E21188	E2314B0038DF2D49DDBE461F33A6797D4586CDE0	87ECD5BABD6FD9F4F6F796D745AA38751FAF3985E3B55F87A2F53E506FE07362
Chrome Cache Entry: 70	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 71	Web Open Font Format (Version 2), TrueType, length 10048, version 1.0	551A2AFE6444FC8E444E391A19F251FD	FDAC325526DC3F47C45DED1BF01660D0DF590DBB	A46B80CEE6E7D76F70F227ECD79788F6AF78440FD3DF414D97972D215DF60580
Chrome Cache Entry: 72	ASCII text, with very long lines (1497), with no line terminators	9405218B09BC7C791DB05058F0C6D8EC	E55A501753956254073C92F01BDC915E3414979B	B7500420DD4720CFFEAAB477C64E5C8A7A624C2E4A9BB907D0650C5E26ADC35D
Chrome Cache Entry: 73	Web Open Font Format (Version 2), TrueType, length 18668, version 1.0	8655D20BBCC8CDBFAB17B6BE6CF55DF3	90EDBFA9A7DABB185487B4774076F82EB6412270	E7AF9D60D875EB1C1B1037BBBFDEC41FCB096D0EBCF98A48717AD8B07906CED6
Chrome Cache Entry: 74	ASCII text, with very long lines (65460)	1C1F4D86AF33DFBDE894FED8BE69496E	F70558267E35B333E926FA72B725F5E8785981EC	853A2ECAC03D6311DC032989D9D3CA69ED9B77789C6885C8F634EBA9111C33F9
Chrome Cache Entry: 75	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 76	ASCII text, with very long lines (65536), with no line terminators	6AEC8CFD5D3A790339DC627F9F1229B5	B6C8CFFE38E1015DD8595F2DD1A92435E2795874	80583FA3C83831A9E036EBA0500D1B9C0D30892D0701F1617E0FAFAF5AEAA2CA
Chrome Cache Entry: 77	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 78	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	EF9941290C50CD3866E2BA6B793F010D	4736508C795667DCEA21F8D864233031223B7832	1B9EFB22C938500971AAC2B2130A475FA23684DD69E43103894968DF83145B8A
Chrome Cache Entry: 79	Unicode text, UTF-8 text, with very long lines (33260), with no line terminators	234346615B452270C8EE1158258C83BB	6073CDEAED3A3C4005FA766BD9A8573B07DE2459	26DB36707844FA367F47C47B4B614DB27A608286FE71D9FF8C3012DBE71C5499
Chrome Cache Entry: 80	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 81	PNG image data, 2160 x 1260, 8-bit/color RGB, non-interlaced	932C3469A2F37B6187590C82878A3D09	787A4121F66D7D902381E3B6A2C2A83BDA8DBDA9	29E31DEAC927D9D5F098F45FE28E6D57D7D86BEBAD2E9CF5DBDE638F8705ABBA
Chrome Cache Entry: 82	ASCII text, with very long lines (18318)	6F6D3B561738FD855AB800DA5B967D3D	653DAE597FE07100DD1863EF43DA6A2432D98959	098E08750F0F34EAACF6E80FC536898768585B2F26D6516EFFF38879C3D69FEC
Chrome Cache Entry: 83	ASCII text, with very long lines (1445)	91EC96FECB2B201077DE23469AD1D3AE	30A811C210B78CE46C49FB86D8819537797DA958	8F7DA4B700661BE6CCAD00CCD884FFFE2068775331A92E67FF8A922DB2E7D956
Chrome Cache Entry: 84	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	2ED86F7B79C7AFA8FC13DA5D9180C70A	E234C01F9B5F8510E2DF6D7247E655E35E8E58F9	424BC306A7592F083083582B9240E0EBCAD2338861B8D6D218A4E51F1349B733
Chrome Cache Entry: 85	PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced	2ED86F7B79C7AFA8FC13DA5D9180C70A	E234C01F9B5F8510E2DF6D7247E655E35E8E58F9	424BC306A7592F083083582B9240E0EBCAD2338861B8D6D218A4E51F1349B733
Chrome Cache Entry: 86	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 87	ASCII text, with very long lines (18318)	6F6D3B561738FD855AB800DA5B967D3D	653DAE597FE07100DD1863EF43DA6A2432D98959	098E08750F0F34EAACF6E80FC536898768585B2F26D6516EFFF38879C3D69FEC
Chrome Cache Entry: 88	ASCII text, with no line terminators	AF1C18A046BC9EA2DA4F5D5F21AB0010	0043EEFEDEB90BBC788815FF3909E88EC6EE1393	27925C8E95AFE4AF4B528FA0B17F3C923997D9EC91DF9E893F62BEF35FC1B314
Chrome Cache Entry: 89	ASCII text, with no line terminators	1B959FD99F4E7A3A3BE5FB12B211A5AF	31DD012C37B154844D5BB4691E63BD4E671E6402	E03B283CE9C486BCD6CE35B5E1AE0DE9A97524208A2D8AA3A83CD351D276802C
Chrome Cache Entry: 90	GIF image data, version 89a, 1 x 1	BC32ED98D624ACB4008F986349A20D26	2D3DF8C11D2168CE2C27E0937421D11D85016361	0C9CF152A0AD00D4F102C93C613C104914BE5517AC8F8E0831727F8BFBE8B300
Chrome Cache Entry: 91	ASCII text, with very long lines (1497), with no line terminators	9405218B09BC7C791DB05058F0C6D8EC	E55A501753956254073C92F01BDC915E3414979B	B7500420DD4720CFFEAAB477C64E5C8A7A624C2E4A9BB907D0650C5E26ADC35D
Chrome Cache Entry: 92	HTML document, ASCII text, with very long lines (654)	19DDAC3BE88EDA2C8263C5D52FA7F6BD	C81720778F57C56244C72CE6EF402BB4DE5F9619	B261530F05E272E18B5B5C86D860C4979C82B5B6C538E1643B3C94FC9BA76DD6
Chrome Cache Entry: 93	PNG image data, 2160 x 1260, 8-bit/color RGB, non-interlaced	932C3469A2F37B6187590C82878A3D09	787A4121F66D7D902381E3B6A2C2A83BDA8DBDA9	29E31DEAC927D9D5F098F45FE28E6D57D7D86BEBAD2E9CF5DBDE638F8705ABBA

HTML body contains low number of good links

HTTP Parser: Number of links: 0

HTML page contains hidden javascript code

HTTP Parser: Base64 decoded: UQUWRXUS

Suspicious form URL found

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: Form action: https://brightmorningteam.activehosted.com/proc.php
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: Form action: https://brightmorningteam.activehosted.com/proc.php
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: Form action: https://brightmorningteam.activehosted.com/proc.php

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No favicon
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No favicon

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="author".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="author".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="author".. found

Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="copyright".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="copyright".. found
Source: https://brightmorningteam.activehosted.com/f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter	HTTP Parser: No <meta name="copyright".. found

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49739 version: TLS 1.0

Uses insecure TLS / SSL version for HTTPS connection

Source: unknown

HTTPS traffic detected: 173.222.162.32:443 -> 192.168.2.4:49739 version: TLS 1.0

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa HTTP/1.1Host: brightmorningteam.acemlna.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa HTTP/1.1Host: brightmorningteam.activehosted.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /f/158?s=c7bc722fa31ed07a45768c9be8733ff5&nl=1&c=1728&m=9908&utm_source=ActiveCampaign&utm_medium=email&utm_content=Neuroscience%20tips%20for%20better%20team%20leadership&utm_campaign=M%2C%201%2F13%2F25%20-%20Newsletter HTTP/1.1Host: brightmorningteam.activehosted.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=b9a06b09005a9b79715498452db0aa11; cmp1002421028=cac6fe7aae12600ddd5aad7d35539d3d; __cf_bm=CXxpCkriJkyztbw511PsFob4a8dfiIn0gxcMk4w4FEg-1736959597-1.0.1.1-BkXAykHCgwHNPIrxsbxGvonLIhp8DasUlErREFG543mcOf34W6nJC1aMasCVyj4zF6KDnmBcwkD9v6C810iigQ
Source: global traffic	HTTP traffic detected: GET /ZzEmW/2024/11/07/0ec39b53-b720-4ff5-9d4e-80ae5d2b0133.png HTTP/1.1Host: content.app-us1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css?family=open-sans:400,700 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /diffuser/diffuser.js HTTP/1.1Host: diffuser-cdn.app-us1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?onload=recaptcha_callback&render=explicit HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-latin-400-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-symbols-700-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-symbols-400-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /open-sans/files/open-sans-latin-700-normal.woff2 HTTP/1.1Host: fonts.bunny.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.bunny.net/css?family=open-sans:400,700Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /diffuser/diffuser.js HTTP/1.1Host: diffuser-cdn.app-us1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?a=1002421028&u=https%3A%2F%2Fbrightmorningteam.activehosted.com%2Ff%2F158%3Fs%3Dc7bc722fa31ed07a45768c9be8733ff5%26nl%3D1%26c%3D1728%26m%3D9908%26utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DNeuroscience%2520tips%2520for%2520better%2520team%2520leadership%26utm_campaign%3DM%252C%25201%252F13%252F25%2520-%2520Newsletter HTTP/1.1Host: prism.app-us1.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ZzEmW/2024/11/07/0ec39b53-b720-4ff5-9d4e-80ae5d2b0133.png HTTP/1.1Host: content.app-us1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?onload=recaptcha_callback&render=explicit HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /?a=1002421028&u=https%3A%2F%2Fbrightmorningteam.activehosted.com%2Ff%2F158%3Fs%3Dc7bc722fa31ed07a45768c9be8733ff5%26nl%3D1%26c%3D1728%26m%3D9908%26utm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DNeuroscience%2520tips%2520for%2520better%2520team%2520leadership%26utm_campaign%3DM%252C%25201%252F13%252F25%2520-%2520Newsletter HTTP/1.1Host: prism.app-us1.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: prism_1002421028=665e1bfa-4f19-41c8-beed-eee1a7a78791
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfz HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfzAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly9icmlnaHRtb3JuaW5ndGVhbS5hY3RpdmVob3N0ZWQuY29tOjQ0Mw..&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=normal&cb=z1bw6zgaogfzAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1.278.2.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://brightmorningteam.activehosted.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/CY4IdQ8PNOqs9ugPxTaJh2hYWy8m1lFu__OIecPWn-w.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/bframe?hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiTocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /media/favicon.ico HTTP/1.1Host: d3rxaij56vjege.cloudfront.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://brightmorningteam.activehosted.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /nr-spa-1.278.2.min.js HTTP/1.1Host: js-agent.newrelic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /media/favicon.ico HTTP/1.1Host: d3rxaij56vjege.cloudfront.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=10822&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605&af=err,spa,xhr,stn,ins&ap=322&be=2643&fe=7361&dc=1116&at=HxVHFgsdRU4UBRZfSBlK&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1736959595292,%22n%22:0,%22f%22:1713,%22dn%22:1716,%22dne%22:1716,%22c%22:1716,%22s%22:1717,%22ce%22:2175,%22rq%22:2175,%22rp%22:2643,%22rpe%22:2911,%22di%22:3758,%22ds%22:3758,%22de%22:3759,%22dc%22:9998,%22l%22:9998,%22le%22:10004%7D,%22navigation%22:%7B%7D%7D&fp=3767&fcp=3767 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /events/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=11489&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /events/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=41493&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jserrors/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=41499&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /jserrors/1/d3d5c809d5?a=456978955&v=1.278.2&to=M1JQYEMHVhFXB0AMXAoYZ0ZYSV5NQA1REh0UX0I%3D&rst=71509&ck=0&s=94640e84d6b39649&ref=https://brightmorningteam.activehosted.com/f/158&ptid=3a23e012b4bdc605 HTTP/1.1Host: bam.nr-data.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: brightmorningteam.acemlna.com
Source: global traffic	DNS traffic detected: DNS query: brightmorningteam.activehosted.com
Source: global traffic	DNS traffic detected: DNS query: fonts.bunny.net
Source: global traffic	DNS traffic detected: DNS query: content.app-us1.com
Source: global traffic	DNS traffic detected: DNS query: diffuser-cdn.app-us1.com
Source: global traffic	DNS traffic detected: DNS query: prism.app-us1.com
Source: global traffic	DNS traffic detected: DNS query: js-agent.newrelic.com
Source: global traffic	DNS traffic detected: DNS query: d3rxaij56vjege.cloudfront.net
Source: global traffic	DNS traffic detected: DNS query: bam.nr-data.net

Source: chromecache_63.2.dr	String found in binary or memory: https://brightmorningteam.activehosted.com/proc.php
Source: chromecache_63.2.dr	String found in binary or memory: https://brightmorningteam.activehosted.com/proc.php?
Source: chromecache_63.2.dr	String found in binary or memory: https://brightmorningteam.activehosted.com/proc.php?jsonp=true
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_63.2.dr	String found in binary or memory: https://d226aj4ao1t61q.cloudfront.net/haao08fw5_ac_symbol_blue.png
Source: chromecache_63.2.dr	String found in binary or memory: https://d3rxaij56vjege.cloudfront.net/media/favicon.ico
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_63.2.dr	String found in binary or memory: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Source: chromecache_63.2.dr	String found in binary or memory: https://fonts.bunny.net/css?family=open-sans:400
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-cyrillic-ext-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-greek-ext-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-hebrew-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-latin-ext-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-math-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-symbols-700-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-400-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-400-normal.woff2)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-700-normal.woff)
Source: chromecache_83.2.dr	String found in binary or memory: https://fonts.bunny.net/open-sans/files/open-sans-vietnamese-700-normal.woff2)
Source: chromecache_92.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_63.2.dr	String found in binary or memory: https://unpkg.com/intl-tel-input
Source: chromecache_63.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?onload=recaptcha_callback&render=explicit
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr, chromecache_72.2.dr, chromecache_91.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_80.2.dr, chromecache_86.2.dr, chromecache_92.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__.
Source: chromecache_65.2.dr, chromecache_72.2.dr, chromecache_91.2.dr, chromecache_68.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Source: classification engine

Classification label: clean2.win@18/54@40/16

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 --field-trial-handle=2364,i,14294915167031781044,245127136332851644,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2396 --field-trial-handle=2364,i,14294915167031781044,245127136332851644,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1592049
Product:	CloudBasic
Start time:	17:45:24
Start date:	15.01.2025
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
https://brightmorningteam.acemlna.com/lt.php?x=3DZy~GE4JILM6X77_gxIURWf1HNRj_P1k-1iZKM6KXec5aKvzUy.0OFy1nRzkNfulfYwbHPJJFKa