Windows Analysis Report
https://pppoauth.cert-sha256.com/XTmtrb2NOYy9VRWdkWlozUmV4ajhMZDdSZ2lPR3YyQ2VOV0p0RTd0UVh2RTg5TUJEWUhlSTJFeFkvZXlVSFRFRDVoWlJpZDNybUFkS3RxQXhLU3BmaVdjSWQ2Y1VmbkErdnhOTmlPVXRscUpiTDJkNlpsQkpCbjN5N0VQQzFTRysvRVNRZlNuYllPWlpSTEN5dXFqRnk3OUJBNG1mMHlSTFZDNFpUQ2Q2bEV5TEhvZHp3R2tnZHc2V3JBPT0tLXo5d29tRXljYT

Overview

General Information

Sample URL: https://pppoauth.cert-sha256.com/XTmtrb2NOYy9VRWdkWlozUmV4ajhMZDdSZ2lPR3YyQ2VOV0p0RTd0UVh2RTg5TUJEWUhlSTJFeFkvZXlVSFRFRDVoWlJpZDNybUFkS3RxQXhLU3BmaVdjSWQ2Y1VmbkErdnhOTmlPVXRscUpiTDJkNlpsQkpCbjN5N0VQQz
Analysis ID: 1431761
Infos:

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

No high impact signatures.

Classification

There are no high impact signatures.

Source: https://secured-login.net/pages/b05b184dfb782/XTmtrb2NOYy9VRWdkWlozUmV4ajhMZDdSZ2lPR3YyQ2VOV0p0RTd0UVh2RTg5TUJEWUhlSTJFeFkvZXlVSFRFRDVoWlJpZDNybUFkS3RxQXhLU3BmaVdjSWQ2Y1VmbkErdnhOTmlPVXRscUpiTDJkNlpsQkpCbjN5N0VQQzFTRysvRVNRZlNuYllPWlpSTEN5dXFqRnk3OUJBNG1mMHlSTFZDNFpUQ2Q2bEV5TEhvZHp3R2tnZHc2V3JBPT0tLXo5d29tRXljYTVLNjlsR2stLTI3UHJkanptSkxrRTNPQndENUI2c0E9PQ== HTTP Parser: No favicon
Source: https://secured-login.net/pages/b05b184dfb782/[[URL]] HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49751 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 104.46.162.224
Source: unknown TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown TCP traffic detected without corresponding DNS query: 199.232.214.172
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic DNS traffic detected: DNS query: pppoauth.cert-sha256.com
Source: global traffic DNS traffic detected: DNS query: secured-login.net
Source: global traffic DNS traffic detected: DNS query: images.lex.doe.gov
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/angular/angular/blob/7.2.4/packages/core/src/sanitization/url_sanitizer.ts
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/bassjobsen/Bootstrap-3-Typeahead
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/davidstutz/bootstrap-multiselect)
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/eligrey/classList.js/issues/36
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jashkenas/underscore/blob/1.6.0/underscore.js#L714
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jdewit/bootstrap-timepicker/graphs/contributors
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery-color
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery-color/
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery-ui/blob/1.11.0/ui/core.js#L51
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery/blob/2.2.4/src/core.js#L448
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery/blob/e539bac79e666bba95bba86d690b4e609dca2286/src/selector/escapeSe
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery/issues/4382
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery/pull/557)
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/jquery/pull/764
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jquery/sizzle/pull/225
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
Source: chromecache_47.2.dr String found in binary or memory: https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/moment/moment/blob/2.18.1/src/lib/moment/format.js#L22
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/moment/moment/issues/1423
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/moment/moment/issues/2166
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/moment/moment/issues/2978
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/moment/moment/pull/1871
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/rails/jquery-ujs
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/rails/jquery-ujs/issues/357
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/snapappointments/bootstrap-select/blob/master/LICENSE)
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/issues/14093
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/twbs/bootstrap/issues/20280
Source: chromecache_48.2.dr String found in binary or memory: https://github.com/uxsolutions/bootstrap-datepicker)
Source: chromecache_48.2.dr String found in binary or memory: https://html.spec.whatwg.org/#strip-and-collapse-whitespace
Source: chromecache_49.2.dr String found in binary or memory: https://images.lex.doe.gov/rts/LogoEnergyPPPO.png
Source: chromecache_48.2.dr String found in binary or memory: https://itsjavi.com/bootstrap-colorpicker/
Source: chromecache_48.2.dr String found in binary or memory: https://jsperf.com/childnodes-array-slice-vs-loop
Source: chromecache_48.2.dr String found in binary or memory: https://modernizr.com/)
Source: chromecache_48.2.dr String found in binary or memory: https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects
Source: chromecache_48.2.dr String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: chromecache_52.2.dr String found in binary or memory: https://secured-login.net/pages/b05b184dfb782/XTmtrb2NOYy9VRWdkWlozUmV4ajhMZDdSZ2lPR3YyQ2VOV0p0RTd0U
Source: chromecache_48.2.dr String found in binary or memory: https://stackoverflow.com/q/181348
Source: chromecache_48.2.dr String found in binary or memory: https://tools.ietf.org/html/rfc2822#section-3.3
Source: chromecache_48.2.dr String found in binary or memory: https://www.chromestatus.com/features/5093566007214080
Source: chromecache_48.2.dr String found in binary or memory: https://www.ecma-international.org/news/TC45_current_work/Office%20Open%20XML%20Part%204%20-%20Marku
Source: classification engine Classification label: clean0.win@18/23@10/7
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2560 --field-trial-handle=2216,i,2404487244690015783,12100135432252379263,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://pppoauth.cert-sha256.com/XTmtrb2NOYy9VRWdkWlozUmV4ajhMZDdSZ2lPR3YyQ2VOV0p0RTd0UVh2RTg5TUJEWUhlSTJFeFkvZXlVSFRFRDVoWlJpZDNybUFkS3RxQXhLU3BmaVdjSWQ2Y1VmbkErdnhOTmlPVXRscUpiTDJkNlpsQkpCbjN5N0VQQzFTRysvRVNRZlNuYllPWlpSTEN5dXFqRnk3OUJBNG1mMHlSTFZDNFpUQ2Q2bEV5TEhvZHp3R2tnZHc2V3JBPT0tLXo5d29tRXljYTVLNjlsR2stLTI3UHJkanptSkxrRTNPQndENUI2c0E9PQ==?cid=2007156291"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected